urlscan.io logo urlscan.io
SecurityTrails logo

www.creaders.net Open in urlscan Pro
35.155.48.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://creaders.net/
Effective URL: https://www.creaders.net/
Submission: On July 24 via api from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 9 countries across 95 domains to perform 915 HTTP transactions. The main IP is 35.155.48.17, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.creaders.net.
TLS certificate: Issued by Amazon on February 1st 2021. Valid for: a year.
This is the only time www.creaders.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 51 35.155.48.17 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.43.79.19 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.226.145.121 16509 (AMAZON-02)
4 9 2620:116:800d... 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 142.250.74.194 15169 (GOOGLE)
1 13.226.145.27 16509 (AMAZON-02)
1 3.17.33.216 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
41 2a00:1450:400... 15169 (GOOGLE)
9 13.226.132.202 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
16 213.19.147.43 3356 (LEVEL3)
3 2a04:4e42:3::485 54113 (FASTLY)
6 35.157.246.167 16509 (AMAZON-02)
12 185.64.189.112 62713 (AS-PUBMATIC)
12 37.252.173.22 29990 (ASN-APPNEX)
6 78 2606:4700:20:... 13335 (CLOUDFLAR...)
1 7 46.249.52.248 50673 (SERVERIUS-AS)
6 147.75.38.124 54825 (PACKET)
6 185.184.8.65 204995 (RTB-HOUSE...)
6 178.250.2.131 44788 (ASN-CRITE...)
23 54.155.97.90 16509 (AMAZON-02)
8 184.31.84.150 16625 (AKAMAI-AS)
21 2606:4700:21:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
1 33 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
9 37.157.6.242 198622 (ADFORM)
2 3.126.56.137 16509 (AMAZON-02)
6 2a00:1288:80:... 203220 (YAHOO-DEB)
2 3.125.166.75 16509 (AMAZON-02)
6 37.157.6.236 198622 (ADFORM)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:2638::3 44788 (ASN-CRITE...)
18 35.169.188.209 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
15 30 142.250.185.226 15169 (GOOGLE)
4 86 2.18.234.21 16625 (AKAMAI-AS)
23 38 185.33.223.178 29990 (ASN-APPNEX)
6 151.101.14.133 54113 (FASTLY)
4 142.250.186.162 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 34.234.42.43 14618 (AMAZON-AES)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 213.174.135.2 39572 (ADVANCEDH...)
6 7 2001:678:cb4:... 56396 (TURN)
7 7 3.123.143.157 16509 (AMAZON-02)
9 9 185.29.135.233 30419 (MEDIAMATH...)
5 6 169.50.137.190 36351 (SOFTLAYER)
1 34.96.105.8 15169 (GOOGLE)
2 2 185.86.137.121 201081 (SMARTADSE...)
1 5 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 35.186.253.211 15169 (GOOGLE)
2 4 185.64.189.115 62713 (AS-PUBMATIC)
4 52.211.35.237 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
3 18.214.137.90 14618 (AMAZON-AES)
1 7 34.98.64.218 15169 (GOOGLE)
15 2.18.233.180 16625 (AKAMAI-AS)
8 9 18.197.47.23 16509 (AMAZON-02)
2 104.111.230.142 16625 (AKAMAI-AS)
1 2 52.59.160.25 16509 (AMAZON-02)
3 8 52.59.115.28 16509 (AMAZON-02)
6 185.94.180.124 35220 (SPOTX-AMS)
6 2.18.234.233 16625 (AKAMAI-AS)
2 4 209.54.176.128 16509 (AMAZON-02)
2 7 13.248.242.197 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 151.101.14.49 54113 (FASTLY)
3 5 104.111.242.53 16625 (AKAMAI-AS)
3 72.251.241.204 29791 (VOXEL-DOT...)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 5 34.252.144.15 16509 (AMAZON-02)
1 1 34.196.122.10 14618 (AMAZON-AES)
2 2 135.125.8.70 16276 (OVH)
2 52.202.1.196 14618 (AMAZON-AES)
1 2 18.233.75.25 14618 (AMAZON-AES)
7 7 54.86.120.215 14618 (AMAZON-AES)
10 10 216.52.2.19 30282 (AS-INAPCD...)
12 178.162.133.149 60781 (LEASEWEB-...)
13 20 18.156.0.31 16509 (AMAZON-02)
6 6 3.124.169.141 16509 (AMAZON-02)
6 208.100.17.171 32748 (STEADFAST)
6 51.89.9.254 16276 (OVH)
1 18.157.50.45 16509 (AMAZON-02)
7 8 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 185.183.112.155 60350 (VP)
5 169.197.150.8 398989 (DEEPINTENT)
4 12 37.157.3.30 198622 (ADFORM)
4 35.241.40.233 15169 (GOOGLE)
6 6 66.155.71.149 13768 (COGECO-PEER1)
2 2 54.205.198.81 14618 (AMAZON-AES)
3 3 54.155.16.196 16509 (AMAZON-02)
1 34.251.129.229 16509 (AMAZON-02)
1 151.101.13.108 54113 (FASTLY)
2 2 54.175.198.118 14618 (AMAZON-AES)
3 3 193.0.160.129 54312 (ROCKETFUEL)
1 2 34.253.109.165 16509 (AMAZON-02)
1 54.195.94.143 16509 (AMAZON-02)
5 35.156.66.105 16509 (AMAZON-02)
2 2.18.235.40 16625 (AKAMAI-AS)
1 18.198.122.231 16509 (AMAZON-02)
1 178.250.2.151 44788 (ASN-CRITE...)
1 12 185.64.190.80 62713 (AS-PUBMATIC)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 38.27.122.158 174 (COGENT-174)
1 35.244.174.68 15169 (GOOGLE)
3 185.64.190.81 62713 (AS-PUBMATIC)
5 185.64.189.110 62713 (AS-PUBMATIC)
1 1 52.21.104.248 14618 (AMAZON-AES)
1 2 38.67.14.233 174 (COGENT-174)
1 1 52.208.210.171 16509 (AMAZON-02)
915 116
51    35.155.48.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-48-17.us-west-2.compute.amazonaws.com
creaders.net
www.creaders.net
pub.creaders.net
classified.creaders.net
7    2606:4700:10::ac43:1faa (United States)

ASN13335 (CLOUDFLARENET, US)
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
1    52.43.79.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-79-19.us-west-2.compute.amazonaws.com
www.bcbay.com
4    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i1.ytimg.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.226.145.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-121.dus51.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
9    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
25    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.226.145.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-27.dus51.r.cloudfront.net
certify.alexametrics.com
1    3.17.33.216 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-33-216.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
5    2606:4700:10::6816:1758 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.bilsyndication.com
stats.bilsyndication.com
41    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    13.226.132.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-202.dus51.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2182:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
16    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
3    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
12    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs-simple.com
78    2606:4700:20::681a:34e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
7    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
23    54.155.97.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
8    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
21    2606:4700:21::681b:cf5c (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
7    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
13    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
8    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
52    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
33    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
6    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
cdn-ssl.vidible.tv
2    3.125.166.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-166-75.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.yahoo.com
6    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.selectmedia.asia
player.selectmedia.asia
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
18    35.169.188.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
29    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
30    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
86    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
38    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
6    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:26f0:6c00::210:bb19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.selectmedia.asia
1    34.234.42.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
2    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.hb.selectmedia.asia
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
7    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
9    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
2    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    52.211.35.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-35-237.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    18.214.137.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-137-90.compute-1.amazonaws.com
sync.aniview.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
select-d.openx.net
eu-u.openx.net
us-u.openx.net
15    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
2    52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-160-25.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
8    52.59.115.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
6    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
3    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    34.252.144.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.196.122.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
2    52.202.1.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
2    18.233.75.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
7    54.86.120.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
10    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
12    178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
20    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    3.124.169.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
6    208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
6    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    18.157.50.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-50-45.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
8    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
5    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
5    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
12    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
6    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
3    54.155.16.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    34.251.129.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
3    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
acds.prod.vidible.tv
5    35.156.66.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
trk.vidible.tv
2    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    18.198.122.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads-eu.v.ssp.yahoo.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
12    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    52.21.104.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    38.67.14.233 (United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
91 googlesyndication.com
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
503 KB
80 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
111 KB
78 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
32 KB
65 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
383 KB
51 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
simage4.pubmatic.com
111 KB
51 creaders.net
creaders.net
www.creaders.net
pub.creaders.net
classified.creaders.net
3 MB
45 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
5 MB
39 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
45 KB
36 yahoo.com
c2shb.ssp.yahoo.com
service.idsync.analytics.yahoo.com
prod-m-node-3113.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
31 KB
29 2mdn.net
s0.2mdn.net
699 KB
27 adform.net
track.adform.net
s1.adform.net
c1.adform.net
217 KB
23 smaato.net
prebid.ad.smaato.net
8 KB
22 aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
6 KB
21 vliplatform.com
px.vliplatform.com
9 KB
17 unrulymedia.com
targeting.unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
17 google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
37 KB
15 ampproject.org
cdn.ampproject.org
300 KB
15 google.com
adservice.google.com
www.google.com
2 KB
14 indexww.com
js-sec.indexww.com
13 KB
13 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
232 KB
12 sonobi.com
sync.go.sonobi.com
6 KB
12 adnxs-simple.com
ib.adnxs-simple.com
9 KB
12 bilsyndication.com
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
355 KB
11 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
5 KB
10 lijit.com
ap.lijit.com
5 KB
10 krxd.net
cdn.krxd.net
beacon.krxd.net
consumer.krxd.net
175 KB
10 google.de
adservice.google.de
1 KB
9 openx.net
rtb.openx.net
u.openx.net
select-d.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
9 mathtag.com
sync.mathtag.com
5 KB
9 quantserve.com
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
12 KB
8 vidible.tv
acds.prod.vidible.tv
cdn-ssl.vidible.tv
trk.vidible.tv
111 KB
8 dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
1 KB
8 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
8 KB
8 bidswitch.net
x.bidswitch.net
2 KB
8 selectmedia.asia
tg1.selectmedia.asia
player.selectmedia.asia
play.selectmedia.asia
player.hb.selectmedia.asia
416 KB
8 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
2 KB
8 googletagservices.com
www.googletagservices.com
275 KB
7 advangelists.com
nep.advangelists.com
2 KB
7 adsrvr.org
match.adsrvr.org
2 KB
7 w55c.net
pm.w55c.net
6 KB
7 turn.com
ad.turn.com
r.turn.com
3 KB
7 googletagmanager.com
www.googletagmanager.com
73 KB
7 e-planning.net
ads.us.e-planning.net
3 KB
6 sitescout.com
pixel-sync.sitescout.com
2 KB
6 onetag-sys.com
onetag-sys.com
5 KB
6 33across.com
ssc-cms.33across.com
6 sharethrough.com
match.sharethrough.com
1 KB
6 stickyadstv.com
ads.stickyadstv.com
4 KB
6 simpli.fi
um.simpli.fi
3 KB
6 creativecdn.com
prebid-eu.creativecdn.com
1 KB
6 a-mo.net
prebid.a-mo.net
286 B
5 deepintent.com
match.deepintent.com
154 B
5 ad4m.at
ad4m.at
5 bidr.io
match.prod.bidr.io
2 KB
5 owneriq.net
px.owneriq.net
2 KB
4 brand-display.com
dmp.brand-display.com
568 B
4 adotmob.com
sync.adotmob.com
3 KB
4 yimg.com
s.yimg.com
174 KB
4 ytimg.com
i1.ytimg.com
17 KB
3 rfihub.com
p.rfihub.com
2 KB
3 adroll.com
d.adroll.com
334 B
3 adgrx.com
cm.adgrx.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
837 B
3 rubiconproject.com
video-ads.rubiconproject.com
optimized-by.rubiconproject.com
23 KB
3 1rx.io
sync.1rx.io
1 KB
3 jsdelivr.net
cdn.jsdelivr.net
19 KB
2 mxptint.net
pmp.mxptint.net
967 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 moatads.com
z.moatads.com
px.moatads.com
44 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
894 B
2 extend.tv
sync.extend.tv
1 KB
2 eqads.com
um2.eqads.com
563 B
2 adentifi.com
rtb.adentifi.com
176 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 smartadserver.com
ssbsync.smartadserver.com
904 B
2 createjs.com
code.createjs.com
125 KB
2 criteo.net
static.criteo.net
52 KB
1 gumgum.com
rtb.gumgum.com
336 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 bnmla.com
match.bnmla.com
114 B
1 demdex.net
dpm.demdex.net
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 bttrack.com
bttrack.com
380 B
1 blismedia.com
tr.blismedia.com
136 B
1 quantcount.com
rules.quantcount.com
440 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 bcbay.com
www.bcbay.com
10 KB
0 resetdigital.co Failed
sync.resetdigital.co Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
915 95
Domain Requested by
66 sync.quantumdex.io assets.bilsyndication.com
sync.quantumdex.io
ssum-sec.casalemedia.com
52 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
srcdoc
imasdk.googleapis.com
48 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
41 imasdk.googleapis.com biltag.bilsyndication.com
player.selectmedia.asia
imasdk.googleapis.com
33 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
www.creaders.net
cdn.ampproject.org
32 ib.adnxs.com 23 redirects googleads.g.doubleclick.net
player.selectmedia.asia
ssum-sec.casalemedia.com
30 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
u.openx.net
29 s0.2mdn.net www.creaders.net
s0.2mdn.net
imasdk.googleapis.com
25 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
www.creaders.net
25 www.creaders.net www.creaders.net
23 prebid.ad.smaato.net assets.bilsyndication.com
21 px.vliplatform.com cdn.jsdelivr.net
20 ups.analytics.yahoo.com 13 redirects ssum-sec.casalemedia.com
18 track1.aniview.com www.creaders.net
player.selectmedia.asia
16 ssum-sec.casalemedia.com ssum.casalemedia.com
js-sec.indexww.com
sync.quantumdex.io
ssum-sec.casalemedia.com
16 targeting.unrulymedia.com assets.bilsyndication.com
15 ads.pubmatic.com player.selectmedia.asia
assets.bilsyndication.com
sync.quantumdex.io
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
14 js-sec.indexww.com player.selectmedia.asia
assets.bilsyndication.com
ssum-sec.casalemedia.com
14 pub.creaders.net www.creaders.net
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
12 c1.adform.net 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
12 sync.go.sonobi.com sync.quantumdex.io
12 ib.adnxs-simple.com assets.bilsyndication.com
12 hbopenbid.pubmatic.com assets.bilsyndication.com
player.selectmedia.asia
10 ap.lijit.com 10 redirects
10 adservice.google.com securepubads.g.doubleclick.net
10 adservice.google.de securepubads.g.doubleclick.net
10 classified.creaders.net www.creaders.net
9 pixel.advertising.com 8 redirects player.selectmedia.asia
9 sync.mathtag.com 9 redirects
9 track.adform.net www.creaders.net
s1.adform.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
9 c.amazon-adsystem.com biltag.bilsyndication.com
c.amazon-adsystem.com
8 x.bidswitch.net 3 redirects ssum-sec.casalemedia.com
8 htlb.casalemedia.com assets.bilsyndication.com
8 www.googletagservices.com www.creaders.net
securepubads.g.doubleclick.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
7 pixel.quantserve.com 4 redirects ssum-sec.casalemedia.com
7 dsum.casalemedia.com ssum-sec.casalemedia.com
7 casale-match.dotomi.com 7 redirects
7 nep.advangelists.com 7 redirects
7 match.adsrvr.org 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
u.openx.net
7 pm.w55c.net 7 redirects ssum-sec.casalemedia.com
7 fonts.gstatic.com fonts.googleapis.com
7 www.googletagmanager.com biltag.bilsyndication.com
play.selectmedia.asia
7 ads.us.e-planning.net 1 redirects www.creaders.net
assets.bilsyndication.com
6 pixel-sync.sitescout.com 6 redirects
6 onetag-sys.com sync.quantumdex.io
6 ssc-cms.33across.com sync.quantumdex.io
6 match.sharethrough.com 6 redirects
6 ms.quantumdex.io 6 redirects
6 secure.adnxs.com ssum.casalemedia.com
ssum-sec.casalemedia.com
6 ads.stickyadstv.com player.selectmedia.asia
6 search.spotxchange.com player.selectmedia.asia
6 um.simpli.fi 5 redirects
6 ad.turn.com 6 redirects
6 s1.adform.net track.adform.net
s1.adform.net
6 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 bidder.criteo.com assets.bilsyndication.com
6 prebid-eu.creativecdn.com assets.bilsyndication.com
6 prebid.a-mo.net assets.bilsyndication.com
6 useast.quantumdex.io assets.bilsyndication.com
6 c2shb.ssp.yahoo.com assets.bilsyndication.com
5 image2.pubmatic.com
5 trk.vidible.tv
5 match.deepintent.com ssum-sec.casalemedia.com
ads.pubmatic.com
5 ad4m.at ssum-sec.casalemedia.com
5 match.prod.bidr.io 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 px.owneriq.net 3 redirects ssum.casalemedia.com
ads.pubmatic.com
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
5 googleads.g.doubleclick.net 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
www.creaders.net
5 www.google.com 1 redirects tpc.googlesyndication.com
www.creaders.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
5 assets.bilsyndication.com biltag.bilsyndication.com
www.creaders.net
4 dmp.brand-display.com ssum-sec.casalemedia.com
4 sync.adotmob.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
4 beacon.krxd.net 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
cdn.krxd.net
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 googleads4.g.doubleclick.net www.creaders.net
4 cdn.krxd.net s0.2mdn.net
cdn.krxd.net
4 fonts.googleapis.com securepubads.g.doubleclick.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
4 s.yimg.com www.creaders.net
4 i1.ytimg.com www.creaders.net
3 p.rfihub.com 3 redirects
3 d.adroll.com 3 redirects
3 cm.adgrx.com ssum.casalemedia.com
ssum-sec.casalemedia.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 sync.aniview.com player.selectmedia.asia
ssum.casalemedia.com
3 sync.1rx.io 3 redirects
3 player.selectmedia.asia tg1.selectmedia.asia
player.selectmedia.asia
3 stats.bilsyndication.com cdn.jsdelivr.net
biltag.bilsyndication.com
3 cdn.jsdelivr.net assets.bilsyndication.com
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
3 www.gstatic.com www.creaders.net
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
2 pmp.mxptint.net 1 redirects
2 image4.pubmatic.com
2 cdn-ssl.vidible.tv acds.prod.vidible.tv
player.selectmedia.asia
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 sync.srv.stackadapt.com 2 redirects
2 sync.extend.tv 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 rtb.adentifi.com ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 ads.adaptv.advertising.com 1 redirects player.selectmedia.asia
2 video-ads.rubiconproject.com player.selectmedia.asia
2 u.openx.net 1 redirects player.selectmedia.asia
2 consumer.krxd.net cdn.krxd.net
2 rtb.openx.net 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 player.hb.selectmedia.asia www.creaders.net
2 code.createjs.com s0.2mdn.net
2 play.selectmedia.asia player.selectmedia.asia
2 static.criteo.net assets.bilsyndication.com
static.criteo.net
2 prod-m-node-3113.ssp.yahoo.com www.creaders.net
2 service.idsync.analytics.yahoo.com www.creaders.net
2 ssl.google-analytics.com 1 redirects www.creaders.net
2 biltag.bilsyndication.com services.bilsyndication.com
biltag.bilsyndication.com
2 services.bilsyndication.com www.creaders.net
services.bilsyndication.com
2 creaders.net 2 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 pubmatic-match.dotomi.com
1 idsync.rlcdn.com
1 match.bnmla.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 px.moatads.com
1 ads-eu.v.ssp.yahoo.com
1 z.moatads.com cdn-ssl.vidible.tv
1 acds.prod.vidible.tv player.selectmedia.asia
1 acdn.adnxs.com player.selectmedia.asia
1 dpm.demdex.net ssum-sec.casalemedia.com
1 optimized-by.rubiconproject.com video-ads.rubiconproject.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 bttrack.com ssum.casalemedia.com
1 select-d.openx.net player.selectmedia.asia
1 ssum.casalemedia.com player.selectmedia.asia
1 tr.blismedia.com 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
1 cms.quantserve.com 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
1 r.turn.com
1 go1.aniview.com player.selectmedia.asia
1 gum.criteo.com static.criteo.net
1 encrypted-tbn3.gstatic.com 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
1 tg1.selectmedia.asia securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.creaders.net
1 certify.alexametrics.com www.creaders.net
1 stats.g.doubleclick.net www.creaders.net
1 secure.quantserve.com www.creaders.net
1 d31qbv1cthcecs.cloudfront.net www.creaders.net
1 www.bcbay.com www.creaders.net
0 sync.resetdigital.co Failed
0 ums.acuityplatform.com Failed ssum-sec.casalemedia.com
0 google2waycm.netmng.com Failed 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
915 161
Subject Issuer Validity Valid
*.creaders.net
Amazon		 2021-02-01 -
2022-03-02		 a year crt.sh
bilsyndication.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
bcbay.com
Amazon		 2020-09-19 -
2021-10-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-06-23 -
2021-08-04		 a month crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-07-14 -
2021-10-13		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
wl.aniview.com
R3		 2021-05-20 -
2021-08-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.aniview.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
player.hb.selectmedia.asia
R3		 2021-07-03 -
2021-10-01		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-06-29 -
2021-09-27		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-06-21 -
2021-12-15		 6 months crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-05-17 -
2021-11-10		 6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-07-11 -
2022-01-05		 6 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.mxptint.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-29 -
2022-07-07		 a year crt.sh

This page contains 164 frames:

Primary Page: https://www.creaders.net/
Frame ID: 369F15EE25038DFBFCB767C505923A1B
Requests: 298 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: AF6388728264508092DB2860651BE00C
Requests: 16 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8EA12F43C37E6956E45F716C5A312E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0C4F102B301258E3355799ECC9C9C584
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6754EF16E8415C72FE67E7B4E723D180
Requests: 1 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 04F5FC28E28CB8B9EBF292E9E0EDDC4B
Requests: 7 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B415EAC95971FE53957818E6CBDEA3EE
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=JgKckWrbBA-4U6Y0PtEXjCtZh_JCPRWHw5YCeDw-mkdShRyt6NmXt49n8dFMkYxUcCLdOXc8wkuAAnoBsWUpQlZCddoh0PzjuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CiZWfUZyQ_kehDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Frame ID: 02D4EA1EF0D54AFA0EE7E3FC618B25B4
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=N9ZI89eNHLBzbCmn9hzsEqXPP1cI6Xj9-AJtItdp3_SPUl7jYpBQ6tOBIp27BAsiCoNjPqqzB7LpaossgjmWMGC2BK5G3ijuuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CmRkWjfpefYlhDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Frame ID: BCF93142845C5FC5714DA821F71A5083
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: E2290AED5BBC301FA8E1D280A6868FB4
Requests: 19 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1627126497&d=357&z=23383&divID=vi_35723383_836&w=336&h=280
Frame ID: AAE936858F091444B5C215A418CED5FD
Requests: 3 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BAF1BDAC8AC89BFD3C1E3D4F08F19ECC
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: BD2818972CEA652BCC705A3CA5931552
Requests: 18 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BD65DE87B09D0FB3EAECB841AD9EDDC
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT0A26Icf1KuaU2SY4QDfnh0RzMtAqv3H9AWrZ3U3zDAiRWKj5NxgTOLRPlxJvSm5C5Fq1Wi0Sjef3La63bM4EHPP7Qweb7cVhVD5Hl1yU0NSJul0N_lB-CTXWokqW8xTF-GiuPdneqADSLxsdyq4Vg8sSB7e_tBmokOE8f9tr7W5T4T_cvgshmJXXDhhVN3ukGJGgL-YZBXtk_tS3UzM8NQ-Vk9XGNljYWjpbw4vKa09C109hyz0KGLh9zynjL-jmn--Dl2evR3DHXZbiJuqzENJus0Px2uhmWeLENmlndsqLBmwQXtqtUCex8lFy1V6SzpMBkmyynhT73Bg&sai=AMfl-YRdQmvNMD_q8mI_v12TKnRR6xJK1F9Qg8hkCm7_HBncUHi_UVAEiM4ImB8pH3AFVQ3m0MU8fTpiHRKRLu9SMR_FSSxdFqC39F2MQiqinwf7B7wNjyDybwoW35WeLGym&sig=Cg0ArKJSzJx2Qzv8ee3pEAE&urlfix=1&adurl=
Frame ID: F97738E99E736351408FF47CE0B81947
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Frame ID: CE4CB3DF8B3E57EFBB28547C938BEF3D
Requests: 15 HTTP requests in this frame

Frame: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 17147895DBB26CE9F64CB078B1E1AF9F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Frame ID: 2823C9174F4CC772C05631BF8391E2DE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Frame ID: B0BAE4D6435ECC49AD74C6C0E424FC59
Requests: 5 HTTP requests in this frame

Frame: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Frame ID: 632F5D8BA7074C95D4EA32F5C39E6D76
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.creaders.net&gdpr=1&gdpr_consent=
Frame ID: 5FE331A1D362CEB42100E8C2F6CAD686
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFF64DFD01E36193976945D14B7E1381
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1924166856372953/index.html
Frame ID: DE021F023CC4C9C49DA615AEF8CC9041
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31DB9BA6FE162EA5F65A58BEA639B759
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1216297344507822/index.html
Frame ID: F005FCA3226E0270B28E83D5CFD46329
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F5B43E52A0EE032F9C343341C6BB7EC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B58B2164959C7F510056AE015BFC3690
Requests: 3 HTTP requests in this frame

Frame: https://player.hb.selectmedia.asia/prebidlink/451983/hb_310028_7816.js
Frame ID: 3F1672742949E64DDDFA6DB78CFA3A1E
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
Frame ID: 3194A7B1411E5F17FEFEA3245F5136CA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
Frame ID: 96FC5CB003110C9FB2F3D90D79B752FB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Frame ID: 278535BE6E6FE8439AB0CC4534EB02F0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D1%26key%3D
Frame ID: 808B9F08403243D1ECF1F5D4DB66D1D3
Requests: 2 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58253/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 897865CBBC039084094461DE2AD41FF1
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 28A18BEEE86113D901B21332C7557836
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 69C261AF58A35C2F1E06C6D9A31D5519
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 10DC80BF1197C5E283AFF0C0FC1B6E5F
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F3CA28EF99EC1D88B9EBE8B69D974D9F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 308F8632F1A47B641E54293E621B5533
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 58FC17779946F45043399714E6ED81F4
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: BE08348B04E1C3B56E1261637DA2F604
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 14E4339C60C12AF2FCF25D2B287F94B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: FCDE6E721D34EEAABA3459051E5B97BB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AA75ACF580684A627D4EB06C29074BA1
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 741BADEB8EC25899ED3B4409A28ADD30
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 5BFE97D1DAF28FA5B1DA27EEB1A0E083
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 2375F731D05450A186A4DF4A1FF14030
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: BD86114A5FF796BBCE83826308B49F89
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 86D8F4E1156E93A47D6CFE926306C897
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: CEA528922099936BAD466CF2473EE252
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 52C2FFFD56C0DD196B2CEBE441840BAD
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 89CD9A731FA4FD907EC7ED4802E46E08
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4587CAEC6A76089B058E0BFD590DD5DA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 951BE46E1A81E0CB007B464E38D8DCFB
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31032.js
Frame ID: 9B075F679DF8BC804CC175C4656BB76D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C24AA0A33A44AE4F7D021DA3444146C2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1D5FF8EDB7900489073F58505A58DB6A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 2E3BC60A1099D72F6CB85CB89D903A2A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F52AE19D361FEBF64A01DDF27152ACA9
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: D72A793DA4DA1B0C6C274EFD5F0DDF80
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6E2475EB2947B1AA8105A5B1FC039A30
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3E997BF7FEC5688DB4E87A19DC9E80B0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F359EDF98B5A4EAA419E1D38C08DCF6C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7D355F528FCC7E5581FD9BE92A33E11C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1E655D058ABDE8523C7EF46692EA33F8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5AB8339AD8FA92D4695DDA52F92C2E01
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: FD34A63F1BA1C0B1AEB9AFF981174698
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 3BE84C366D5CDCC05BFC91C963D63918
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DA5CBA45948AD14EC3A9AE735A9A516F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 47E35CC6FABB4DD1C34F49A587E05125
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 40B1180DF902FB9580CA3D1D13D2BC9E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: FCCD1777499842288281638C0B9D1BD9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 9151F4241DBF13B9B2D273D864D917E9
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 054830F129C8390CE9B305F34261B6CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D81D153AC0137D05AEA6F3C9C69D176A
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 9987B759D48BFE02ADE1CE954D7443A2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 55EE72EC79650465B127933C4018306A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: BA80AB8955C04D72F53D296E408C1429
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: D7A59D5690151B3AB1E7D6ACAC89A75C
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: F5605A34D07BB536B1D7BD0795655C81
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 2496C324CC68EB0EC1C9D7FF7F983AE9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5E48B6EA620C5E237FF12EEC1D8E0988
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: BF63B4574CED10CC55B2531F7086A693
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4243B7DCF7B7EF631EAA5E7DB52D5187
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: AD214C54F482E968B9FB34E7B9BBD758
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 9CCABE010A99CCD2A0B5B12414DF32B2
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 6B957F70C55B1EC7F85BEAA8EDC5F607
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: ECDD460A6CC236BC9C53F742BFDE8B95
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 72AD60956CE5CA436F85A227D18BDB39
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 95D026A33B899DA9ED2514FB7588B5BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 216D33831E21024D34118A84DDC972E8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: E9FE6B1601D84B81EA7A968C0E053547
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F939882431172555A7BEBC8D7724513D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 651D7B40A941EC8729DD3C03EA64E8D3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 8D832AEE603CB955417490D8DDAE85B4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 2C5D2DC280AA412748F1E4F56379F068
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 357DF12ADCCE6F488BCCBC6686CAB2E5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 8031FE0452E4901C178F7D3E394DDDFD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8B182ABF7E07BE23859F3D97137993CA
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F9B344E168CFFF4C7BEC1AF91CBFA7BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A474946FA0AD3C95CA8E5B3DD066C0C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4914D3A74B697061AEDE113296E6EA57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FE0F9B3F2DD9C22F1BDE137E87D1075F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8AC55C77944604A7C88E469C788702A0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 786F5357F25618A8274FC8D1AC67A701
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E0434A92A79C0A916CC5B4CBF015EB01
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EA0AF65F66CD3FCEEC82E0DE7F5C12CB
Requests: 26 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1206795&orgId=28230&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.creaders.net%2F&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&pblob=
Frame ID: E354045C5D7DA4BD286B2D2F6F943BFC
Requests: 8 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: A26DE18B6AC92B5D0150C320DFB9D919
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1CF04ADCA94E036ED24F7BF90F7980F2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3C54BF1BE81ECE9B590982FFF0DFA060
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 611124FA1267E7B24B4C567645649845
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 2732B36FC1C96D07F01999BEB9F03DC3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 17B9509373BB7F0802DEACCA76F2CDAE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: FAEF6006950301ACA5619BD12DAD9AB3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 57289BF3A68598827A7166CF94AEC36F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A8F76A79AF2620BC5C3CC002C4CA696F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7EDFFC1C485E29CFB1448B72E9E73DD6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6E123A8CF3D1141C7A06AD3F569A3BE9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 18883C25794348C22DC220139BE67BAA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 44C8F6149C47A4686CB02F099BCDE94E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 451990BED9975227A812DE4AB42F0AAB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 8DF3FCCFAC8656D8393D3AA95C2A5F94
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 71653C441A45D94FCF73DE0D70F5F032
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 77A32738C9311C8F58864457379769F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CF3C8BA83011C8B93E209B049A8B899A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2016FF68A1540EF43375A5CDB7BF003A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0AF9B80EA2D64735B281826BAE055DE4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F23AE290F083A729FD1CF807C2B7E630
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 00EE100FB756DE8947B1A456C7795F05
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 806A17E316B362DA0D1F8582B8E6AE70
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: E97C41318C6852C893103A521B001492
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: E98D856831383E4A07C18C5A48CC1F69
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0142FAA792A27CBFA9E13E9B366071E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C32919039D2F698C1EB7D8EAE1051225
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 404F7F3683B51456D39669D508DC28D7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 26F45702567015644DA6EB65262EDF27
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 233A3BDAECF76BC177C2B84E00F367B8
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 89F101EC40C13F9CA55107C1525567A6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: C35A8B0475D038B63D9074725F02A432
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 3D9E38AFE932F51F4FDAFE069C379493
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 553D74AA288D9B22485A70364818A29F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E1FA75B2EECDF77CEE3CA15809112477
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F36EDD8FB182F286C1FEBE39AE936018
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4D30ABB65BD81C851C33855CA2055E33
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
Frame ID: 18461D12436453F27FCC9BA63BA88B1F
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 33C218AA1678DA77914460182EC48B6B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C9173E34A9E5C7EBFF2023BBA5CF1DA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
Frame ID: 17BFA1C6A0EF533CC42C7E8BE445DBB6
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 83C79B8D3A68A1112C6BD71FD98AB432
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 48D79E730D1C2F08FDC1E52F134A258A
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 5CA0B58496FFCDD3A51D3CACCF00C747
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 05225FA9443A6814BBDAF72346193CFE
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: C88353E2A866D31AF369BE4A6398115C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
Frame ID: 5504895E621E503B1EF600C80C1597CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
Frame ID: 07DC4DD5ADAF79560E09AD441F2328FF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D2051CC9E5D7902109061501AF209917
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 47CF90FDE8CC824CE1526A824C249D47
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CB2BFDD8442B60DF6052F719C2095E65
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D6448AC7C10B3F2531C1A94B7C2317C2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: CCF0E42F1A4F4422D8DB3CAF06A6FE76
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 611FC0FD34BA13DFF080A50DDD70ACAE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: DCD075EDE8417920FCF09632207AE509
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 431FCA0E182B41F1B375F31063F39866
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 633EB9E391235BB8ECD7B0A068BDF265
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://creaders.net/ HTTP 301
    https://creaders.net/ HTTP 301
    https://www.creaders.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

915
Requests

99 %
HTTPS

31 %
IPv6

95
Domains

161
Subdomains

116
IPs

9
Countries

12803 kB
Transfer

31908 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://creaders.net/ HTTP 301
    https://creaders.net/ HTTP 301
    https://www.creaders.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=427358263&utmhn=www.creaders.net&utmcs=GBK&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E4%B8%87%E7%BB%B4%E8%AF%BB%E8%80%85%E7%BD%91%20--%20Creaders.NET%2C%20BBSLAND.com&utmhid=675223720&utmr=-&utmp=%2F&utmht=1627139408569&utmac=UA-3412968-2&utmcc=__utma%3D77545162.1620888283.1627139409.1627139409.1627139409.1%3B%2B__utmz%3D77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=706456768&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=1620888283.1627139409&jid=706456768&_v=5.7.2&z=427358263
Request Chain 82
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/www.creaders.net/ROS?ct=1&r=pbjs&rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Request Chain 370
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 384
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDLtpTtQBDeAhjeAjII0goevw9MXWY HTTP 301
  • https://tpc.googlesyndication.com/simgad/16718395175647122093
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Request Chain 395
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
Request Chain 397
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Request Chain 399
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
Request Chain 401
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Request Chain 437
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM8JINzMYgDoCiYdEYo9r-E&google_cver=1&google_push=AYg5qPIkK-IWSMx01eT7WecEsQiW6y3FRTng3q7FSvad3csdDuselSw9KbfMCSAK51Ms-SyjjIh8suHP24KuWkDZYVY9wFDIS_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE5MzQyMTc0MzY1NTQ2Njg2Mg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJn2J4v8t4GITPfwPrxsFtw&google_cver=1
Request Chain 439
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4XpUwneRUPfXzZgNElcw-TTJ4aXEmM0-YN8nckkmcvkdefkccVpiQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4XpUwneRUPfXzZgNElcw-TTJ4aXEmM0-YN8nckkmcvkdefkccVpiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Wko2YmR1emcxTTdqaTQ1&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4XpUwneRUPfXzZgNElcw-TTJ4aXEmM0-YN8nckkmcvkdefkccVpiQ
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEgj2N_dmX1QjPUD3Km_8r4&google_cver=1&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8UC5okBJ09sM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8UC5okBJ09sM
Request Chain 441
  • https://um.simpli.fi/gp_match?google_gid=CAESEMHuSrLBz9EkTuwB-4vJzIU&google_cver=1&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp8l86-wT_EEkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA07E4C72B6B421E881E2906B9E39E93&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp8l86-wT_EEkE
Request Chain 443
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEktPCBgyV3Dft3AhBA6b84&google_cver=1&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_oNziknSZKXflZpeZGaZqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_oNziknSZKXflZpeZGaZqw&google_hm=MjQ5MzMxNjk5Mzc1Nzg3NTYy
Request Chain 448
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECe_47NAxsWZRI0M4C2oq38&google_cver=1&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4pCwpPFKqKGx58 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4pCwpPFKqKGx58
Request Chain 449
  • https://um.simpli.fi/gp_match?google_gid=CAESELKvK8-dhv9xYE9Sfqp7Oys&google_cver=1&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6B8Svt5FXoaFqj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD45E5673D1140C0BE47309827E5D454&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6B8Svt5FXoaFqj
Request Chain 450
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGNjRFHvghZ_a0-vaGZ_5Cg&google_cver=1&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQtzzYF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQtzzYF&google_hm=MjY5NzkwMjgxNjk1MjU3MzIwMQ%3D%3D
Request Chain 451
  • https://rtb.openx.net/sync/dds?google_gid=CAESEL1-Un3wkt-N9ih0yyil4SM&google_cver=1&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEL1-Un3wkt-N9ih0yyil4SM&google_cver=1&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&google_hm=K6zh3MtkyTkUHuNSo9fc-Q==
Request Chain 452
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE9WUdRtaoSvknSKn_H3clE&google_cver=1&google_push=AYg5qPLeoD_6QfkOldiQnCDVsrsLs16_OcKRD4d9zjsBfEcJxNCgH9FHwXvM6KPYxK0PUi8kNhWk1uSsZECqaNniaaPHz1xH5Ar4 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE9WUdRtaoSvknSKn_H3clE&google_cver=1&google_push=AYg5qPLeoD_6QfkOldiQnCDVsrsLs16_OcKRD4d9zjsBfEcJxNCgH9FHwXvM6KPYxK0PUi8kNhWk1uSsZECqaNniaaPHz1xH5Ar4&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeoD_6QfkOldiQnCDVsrsLs16_OcKRD4d9zjsBfEcJxNCgH9FHwXvM6KPYxK0PUi8kNhWk1uSsZECqaNniaaPHz1xH5Ar4
Request Chain 453
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECBZmWPP5qAfXP_vfvvntzQ&google_cver=1&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoaURGtL3Hl04G-BGOMTaPMPJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoaURGtL3Hl04G-BGOMTaPMPJ&google_hm=NTE0MTAyMzE0NTY4MzcwMTM4OQ%3D%3D
Request Chain 465
  • https://sync.1rx.io/usersync2/selectmedia?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D13%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
Request Chain 466
  • https://u.openx.net/w/1.0/cm?id=36800e4a-7fee-40ba-bcb0-adf158f0815f&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
Request Chain 487
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Request Chain 488
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Request Chain 492
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YPwtVAADCsPbxwAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPwtVAADCsPbxwAC&gdpr=1&_test=YPwtVAADCsPbxwAC
Request Chain 493
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6804258121256682580&uid=Q6804258121256682580&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 499
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=3e701114-ec91-11eb-9ff2-17d925990306
Request Chain 530
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Request Chain 531
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Request Chain 532
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=be7ba061-1f75-42b2-92c7-ccb01538df8d&expiration=1658675413
Request Chain 533
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 536
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 545
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf46923a-fde0-4033-9531-484e73f08dbb
Request Chain 546
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 547
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-000da186-7a85-4a41-80e9-de9a85117753
Request Chain 548
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 549
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 550
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 552
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 553
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 554
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8c016aaa-0fc8-4a32-9edf-134565bf136e
Request Chain 560
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 561
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 562
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 563
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Request Chain 564
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53888301-a8a4-4f41-85ea-3ef40825e77a
Request Chain 565
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 566
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-eb4e3310-8088-462a-8a0d-9f5dca94d34a
Request Chain 567
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 568
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 582
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 583
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 584
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 585
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Request Chain 586
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=327bed14-e984-4ca6-b7f4-e4734e3997af
Request Chain 587
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 588
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-82503141-8fb8-4cac-82e7-ef281327e213
Request Chain 589
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 590
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 598
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 599
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 601
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 602
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 603
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Request Chain 604
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-626bd590-c77e-4928-a15c-a5a90c985b18
Request Chain 605
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
Request Chain 606
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 607
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 613
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 614
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 616
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 617
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 618
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Request Chain 619
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=03981cee-8bc9-41db-9702-d6ebfb39ed13
Request Chain 620
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 621
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5aea36ad-3702-4feb-9da7-0f8a8da4259b
Request Chain 622
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 634
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Request Chain 635
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Request Chain 636
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Request Chain 637
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Request Chain 638
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
Request Chain 639
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Request Chain 640
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f7a4194d-a87c-41f4-9545-9f9b7d4380ec
Request Chain 641
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Request Chain 642
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Request Chain 654
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 655
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Request Chain 656
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
Request Chain 658
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d19feac799fd34&expiration=[EXPIRATION]&gdpr=1
Request Chain 660
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Request Chain 663
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 665
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Request Chain 666
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Request Chain 672
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 674
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
Request Chain 675
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Request Chain 677
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Request Chain 681
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 682
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Request Chain 684
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9d119dbe-bf0f-43db-9448-5a27d7c67924
Request Chain 686
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Request Chain 687
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Request Chain 689
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Request Chain 691
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 692
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Request Chain 693
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Request Chain 695
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 699
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 704
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d26cd93e505767&expiration=[EXPIRATION]&gdpr=1
Request Chain 707
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Request Chain 709
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Request Chain 712
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Request Chain 714
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 717
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Request Chain 718
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Request Chain 719
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Request Chain 721
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5062e1fa-4e0b-40b9-96b5-baad7a14207e
Request Chain 727
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 728
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Request Chain 732
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c780b354-5724-4d7b-88f3-e4505134227e
Request Chain 737
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a936b685776b62023ffdfce1f7ccc63&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g012_6988510564868079559 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTkzNmI2ODU3NzZiNjIwMjNmZmRmY2UxZjdjY2M2Mw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTndGZouLhmlCaVyARYEbk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8bb80da-53a4-49d6-a3e8-dccd9415a15c HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a936b685776b62023ffdfce1f7ccc63&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-47ZQshZE2oOSgfoUwOMJowthspGb6AM6msYxqYP4~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=164231991169914520 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADUfk7B-FsAAE9uuup_KA&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPwtVAADCsPbxwAC&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=ZJ6bduzg1M7ji45&gdpr=0
Request Chain 739
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=W4s3sCoITIdwWXYJXJLbkZBMbR4
Request Chain 740
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Request Chain 741
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403f043bccf66fccf&expiration=[EXPIRATION]&gdpr=1
Request Chain 742
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YPwtU7a51oJR9OeYghIdFAAA%261111&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a936b685776b62023ffdfce1f7ccc63&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&34673=YPwtU7a51oJR9OeYghIdFAAA%261111&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g047_6988510564868113648 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTkzNmI2ODU3NzZiNjIwMjNmZmRmY2UxZjdjY2M2Mw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTndGZouLhmlCaVyARYEbk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8bb80da-53a4-49d6-a3e8-dccd9415a15c HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=164231991169914520 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a936b685776b62023ffdfce1f7ccc63&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-47ZQshZE2oOSgfoUwOMJowthspGb6AM6msYxqYP4~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB6SU7B-FsAAE9EZbuwlg&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPwtVAADCsPbxwAC&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2541304801777919633 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Request Chain 748
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827872676943449
Request Chain 751
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Request Chain 752
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Request Chain 756
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403696129d86128a2&expiration=[EXPIRATION]&gdpr=1
Request Chain 757
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 759
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Request Chain 762
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Request Chain 766
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Request Chain 767
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=u6obo7_-SPSgq0z46_hQ8-_7TPSg_0XyvK3x26jz
Request Chain 768
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2541304801777919633
Request Chain 771
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENOCPcXSoMoK6kVYVjISJJw&google_cver=1
Request Chain 782
  • https://ads.adaptv.advertising.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpid=58fcbed1073ef420086c9d08&scpid=5c5bf265073ef44dbb3483fb&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.creaders.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=189&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=1&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=336 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpid=58fcbed1073ef420086c9d08&scpid=5c5bf265073ef44dbb3483fb&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.creaders.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=189&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=1&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=336&a.y_rid=a3b98cf3-b4e5-4c3d-9e74-24a2e57d6ec7&a.is_yahoo=3&redirect_y=dHM9MTYyNzEzOTQxMzk0NS40NTA2ODQ6YXBpZD1VUDNlOTY0Mzg0LWVjOTEtMTFlYi1iNzEyLTAyZTIwNTIwZTgzNjpyZXF1ZXN0X2lkPWEzYjk4Y2YzLWI0ZTUtNGMzZC05ZTc0LTI0YTJlNTdkNmVjNw==
Request Chain 878
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVWZrN0ItRnNBQUU5dXV1cF9LQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 880
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3948205146 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e8bb80da-53a4-49d6-a3e8-dccd9415a15c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-67f81162-52ee-49bd-b74e-faccff0dd637-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-67f81162-52ee-49bd-b74e-faccff0dd637-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
Request Chain 883
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 884
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 886
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
Request Chain 887
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
Request Chain 888
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 890
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Request Chain 891
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ExRTYwQTUtN0UzQS00MzMzLTlFQkQtQTU0Q0QwMUM1QTcy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 892
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJAFoB-r-a2zB4joSWrrEC4&google_cver=1
Request Chain 894
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8193421743655466862&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 895
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPwtVAADCsPbxwAC&gdpr=0&gdpr_consent=
Request Chain 896
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
Request Chain 897
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
Request Chain 899
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hXXqBnlE2uUrkr0SwMfNpBYFB6YH0h8-~A&gdpr=0&gdpr_consent=
Request Chain 900
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164231991169914520&gdpr=0&gdpr_consent=
Request Chain 903
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40ee637d-ec91-11eb-b318-299400e2b4a7&gdpr=0&gdpr_consent=
Request Chain 904
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx
Request Chain 905
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 906
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_E0BA0AD2_13F012661&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 907
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2541304801777919633&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8ef7e9c-e62f-48cd-941c-242755d0c834&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 908
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e7c6e370-6d0d-4d99-a04a-3bc26e2a97b8
Request Chain 909
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2541304801777919633

915 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.creaders.net/
Redirect Chain
  • http://creaders.net/
  • https://creaders.net/
  • https://www.creaders.net/
138 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
95753bb6752d427886c6b05db06a94c0b9846f9de377e55b78104f75b665258c

Request headers

:method
GET
:authority
www.creaders.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:07 GMT
content-type
text/html
content-length
26566
server
Apache
last-modified
Sat, 24 Jul 2021 15:08:51 GMT
vary
Accept-Encoding
content-encoding
gzip
etag
9c294b87429f0a344b8d1a2e2578aa79

Redirect headers

server
awselb/2.0
date
Sat, 24 Jul 2021 15:10:07 GMT
content-type
text/html
content-length
134
location
https://www.creaders.net:443/
css2011.css
www.creaders.net/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/css/css2011.css
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4319ca234a58b1be83026e7cd72dee5af80d3f1b22dc523a7fc1528d768f81ce

Request headers

:path
/css/css2011.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
etag
"2348-5aaaea7cfc8a4"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1541
index_new.css
www.creaders.net/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/index_new.css
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
25b7ae9d6f881e70694991c49cae6715fad05c4d42548e2363b3ec78e4ccc68c

Request headers

:path
/index_new.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
etag
"52d7-5aaaea7d765db"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4079
bootstrap.utils.min.css
www.creaders.net/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/css/bootstrap.utils.min.css
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8ab012389d1b12626da748e65b685bc4daa9365522985221abcc9a3122b0991d

Request headers

:path
/css/bootstrap.utils.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
etag
"1a2c-5aaaea7cfc8a4"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1296
index2019.min.css
www.creaders.net/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/css/index2019.min.css
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
42367582650e007d32a2231366a01ac5d6f3ccfa4cb0b490f7f630fb30d40785

Request headers

:path
/css/index2019.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
etag
"1cca-5aaaea7cfcc8c"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1776
jquery-1.7.2.min.js
www.creaders.net/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/js/jquery-1.7.2.min.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
316078c9c98848eb48d06360d56148d3419d912a7889b750ebe7e310ed0e55a6

Request headers

:path
/js/jquery-1.7.2.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Thu, 30 Jul 2020 19:52:23 GMT
server
Apache
etag
"17278-5abae02cb68b1"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
33622
ad_func.js
www.creaders.net/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/ad_func.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5887f8cae644b0876cffbbf57e903d42e60cb21a2f1a0bc6b43851b9a3853285

Request headers

:path
/ad_func.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
etag
"2973-5aaaea7c61445"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2528
/
services.bilsyndication.com/adv1/ 		950 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/adv1/?d=357
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74739df3c58f8fb7002319f4fcb33d8f578c87f092e5ca6f5cbd16a0e5bb65ad
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 24 Jul 2021 15:10:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
673e12d43e481f4d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
index_02.gif
www.creaders.net/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_02.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3dd6197f07c4b2e086660eb18fd8f4501e2f5bbd62f083a693f211f72d0006b8

Request headers

:path
/images/index_02.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"2b25-5aaaea7d58563"
content-length
11045
content-type
image/gif
index_06.gif
www.creaders.net/images/ 		669 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_06.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9a7c4ac02d7eac182af036b2e0f9c8df358db63ef036db3a626449b265500e9d

Request headers

:path
/images/index_06.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"29d-5aaaea7d58563"
content-length
669
content-type
image/gif
index_09.gif
www.creaders.net/images/ 		55 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_09.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fcc58fad3b8c00f036b043463f765940b3bd0a443cfc7394800af9de810f907c

Request headers

:path
/images/index_09.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"37-5aaaea7d58563"
content-length
55
content-type
image/gif
index_18.gif
www.creaders.net/images/ 		170 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_18.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
15d102746c4da4e0c776010d065962a5f3dbfbc5f03865314f1530bdf6b4ef1d

Request headers

:path
/images/index_18.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"aa-5aaaea7d58563"
content-length
170
content-type
image/gif
2017112109335234.jpg
pub.creaders.net/html/site_ad_images/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/html/site_ad_images/2017112109335234.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
59e4f5a70ba9fd3a18d0caf761d18d86465ef122383f18eff5dcfa528d403fc8

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Mon, 09 Dec 2019 18:35:31 GMT
server
Apache
etag
"30657-59949a906a2c0"
vary
Host
content-type
image/jpeg
accept-ranges
bytes
content-length
198231
2021030909132993.gif
pub.creaders.net/html/site_ad_images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/html/site_ad_images/2021030909132993.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0e549932d532ca069860e7cc3cf485876afd1bb39743bc1d1dd1f0655b06de95

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Tue, 09 Mar 2021 17:13:29 GMT
server
Apache
etag
"9cf0-5bd1dab4e73d4"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
40176
20210724_16271384758311.png
pub.creaders.net/upload_files/image/202107/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210724_16271384758311.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
df0f832eb27121629b0c88e95708f05cf97a2969f61599ea1d23ce0e5ad1cbdf

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 24 Jul 2021 14:54:36 GMT
server
AmazonS3
x-amz-request-id
PYV9XD2SGKWE2VBG
etag
"9ad9df20edfba8bdf53c9d0f1b77280a"
content-type
image/jpeg
content-length
29880
x-amz-id-2
WP1Hh0vCJ/gvRpkMCsJ22cYZQwwCujKO6MV0NZ3I9mNyIsFGuCTYrdN7M1ujHNtxi6+e3/Czbk4=
20210724_16271377807648.png
pub.creaders.net/upload_files/image/202107/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210724_16271377807648.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
c09d804ad3bafd61edf222e6b486be725e22bfcdf8d26b37b5ee105fa105a36a

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 24 Jul 2021 14:43:01 GMT
server
AmazonS3
x-amz-request-id
PYV4W4YBK3CAFC8A
etag
"187f30ece7de1a5d1d7a02d53869c645"
content-type
image/jpeg
content-length
42343
x-amz-id-2
hllAOQPSbV1Y4sGMswYOlxVH9kDcSbVDRBDJIKXT3dmNDSA/qZ9Y+BDDJmxh9xdOWYhWkNdMjyo=
20210723_16271099024823.png
pub.creaders.net/upload_files/image/202107/ 		522 KB
523 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210723_16271099024823.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
dd46d22585f855078e8acf526d12c34675612f23e96a9e9cd29cbd8e3d1dcdb7

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 24 Jul 2021 06:58:23 GMT
server
AmazonS3
x-amz-request-id
PYV4PHJEW53MTSFA
etag
"eb1453e5ebe5d30d05ffdd1481a9efad"
content-type
image/png
content-length
534398
x-amz-id-2
uGo8j5UmbS1g1sNeaDjIM/hEyEwu3BxAGeySa6+vamqjqcRjUWzkXdKqDd9MqwtyD7hmJn5zkpc=
20210723_16271086684095.png
pub.creaders.net/upload_files/image/202107/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210723_16271086684095.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
841a55b863462cb4a06baa9a6ca0a0825258f940ba7234c4bffa18fa593bf229

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 24 Jul 2021 06:37:49 GMT
server
AmazonS3
x-amz-request-id
PYVD4FME6Q5RTJ9R
etag
"290f2f6544710504b6ea8bb86db3bfef"
content-type
image/png
content-length
206269
x-amz-id-2
R8yO27ttnkM4tX/ixQ8c4un1rgpvnzZE+RR/ldzIZVqyP649/12vL5wZTeV74UJsSDIFgpm74LY=
20210723_16271083642449.jpg
pub.creaders.net/upload_files/image/202107/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210723_16271083642449.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
677ec686791006ac01c8c67c130b7d8ec1a0b4c7e46d710dc63940895a781fa0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sat, 24 Jul 2021 06:32:45 GMT
server
AmazonS3
x-amz-request-id
HYH4T8PDMF7RAGJE
etag
"9c0c832cbdecbe654d8cec42d35cb1f7"
content-type
image/jpeg
content-length
40015
x-amz-id-2
xVOtFY0a4ts3Ork4JN4/5GbREMX3Pt5GYRXgjRS0uqyBoA5aqb5q+lNKetK4GjKzzviiQy66ke8=
20210723_16271036794250.jpg
pub.creaders.net/upload_files/image/202107/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202107/20210723_16271036794250.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
fb2c8b3c90bf696532f0f4340068b0182bb4ef93e00647b40c49097d27835c16

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sat, 24 Jul 2021 05:14:40 GMT
server
AmazonS3
x-amz-request-id
HYH2VH9CNA9759TK
etag
"8a962fe545ebf247d0d08fb786c83081"
content-type
image/jpeg
content-length
79168
x-amz-id-2
HcIyWRZV3WbOesKVWR5r08L40gKoVRmx3zwP+7zxx67rv/V9FnfEQXeBlFoQ6B4vdcPpmWth7j8=
tpl.js
www.creaders.net/js/ 		1 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/js/tpl.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2f3ad0ffe6ce43c17ea893eef15fb5e5949ccdd71fcce39454ef371f3cbb6d53

Request headers

:path
/js/tpl.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 01:36:07 GMT
server
Apache
etag
"513-5adbdd7fe0ead"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
722
favicon.ico
www.bcbay.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bcbay.com/favicon.ico
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.79.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-79-19.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
43f0fceee5f0937838e3818c0bb4f30a4e919474d0f9afb01c1d1a3e3efac60e

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Tue, 04 Jun 2019 01:01:53 GMT
server
Apache/2.4.6 (CentOS) PHP/5.4.16
accept-ranges
bytes
etag
"25be-58a7506c60240"
content-length
9662
content-type
image/vnd.microsoft.icon
2020080510121170.gif
pub.creaders.net/html/site_ad_images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/html/site_ad_images/2020080510121170.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
eb1b9efd61775200d31b799c294be2caa2ff34a66687455f627db4b3d56df8ee

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Wed, 07 Jul 2021 21:42:39 GMT
server
Apache
etag
"127d-5c68f6aeae2b8"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
4733
2017112109345542.jpg
pub.creaders.net/html/site_ad_images/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/html/site_ad_images/2017112109345542.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
72b78947407222874e235aa268f3fc6bb5ae0453387756ca9145ea6b9af9911b

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Mon, 09 Dec 2019 18:35:18 GMT
server
Apache
etag
"2732a-59949a8404580"
vary
Host
content-type
image/jpeg
accept-ranges
bytes
content-length
160554
default.jpg
i1.ytimg.com/vi/8CC0a7p4WMw/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/8CC0a7p4WMw/default.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fabb6e86e0405cfb84f133ff9356d6c0654c80dfd5f853b62b1980ae7508daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:06:21 GMT
x-content-type-options
nosniff
server
sffe
age
227
etag
"1626988278"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4035
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:11:21 GMT
default.jpg
i1.ytimg.com/vi/QiPc_lK7isM/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/QiPc_lK7isM/default.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b92d134eadcf2a7a746799aca9cccb620f19f85f859bae109ee8ba2b2f07fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1626928611"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4266
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:15:08 GMT
default.jpg
i1.ytimg.com/vi/tmekoLA01wg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/tmekoLA01wg/default.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ef7a457619d34da427c420e6e709edea156e1687920cea0444d5189924e88f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
x-content-type-options
nosniff
server
sffe
etag
"1626998826"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3747
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:15:08 GMT
default.jpg
i1.ytimg.com/vi/gwAxr9N97_k/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/gwAxr9N97_k/default.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3c793044d2e2408438543934234529ff0791d94d4f7455d55f454ff6375f767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1626984867"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4415
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:15:08 GMT
1390955637.jpg
pub.creaders.net/upload_files/image/sub_image/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/sub_image/1390955637.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
16577cc348968e231e815b799812d1fdcb2910f86d3537fa629d5ff992a82da2

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sun, 01 Mar 2020 04:53:48 GMT
server
AmazonS3
x-amz-request-id
HYHDN43SS3GKP3VS
etag
"6635be09f41e6ff9ce6939327f05614d"
content-type
image/jpeg
content-length
51539
x-amz-id-2
q1ojKOxLRgK4h8Q7rDzFxxIq46RUbFp4Ja2M/cnEkpIiWeJM2VtqYU1LvHccJ4xjsbbB+sdcPTY=
1381122343.jpg
pub.creaders.net/upload_files/image/sub_image/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/sub_image/1381122343.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
169e287de6de0ea6fd6cd284692ad26928fb71bcf5d2a4a34b04a7ec6e6caaab

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sun, 01 Mar 2020 04:53:48 GMT
server
AmazonS3
x-amz-request-id
HYHCX41N62A28SN9
etag
"bc793f421d7850e8527da81adc5cded5"
content-type
image/jpeg
content-length
44569
x-amz-id-2
3WS1+ezIQBa1r/NXHOFRxRcQQWI/YZvvcbO2w/4z4/Fd0+Wl4em/n8kmtgtpwMsa5McmgBV5s98=
1381122380.jpg
pub.creaders.net/upload_files/image/sub_image/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/sub_image/1381122380.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
7b4983b4be2f7da714ab16a624990dc48eee5ab968148216fa4a7805b167099c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sun, 01 Mar 2020 04:53:48 GMT
server
AmazonS3
x-amz-request-id
HYH8Y17P9PCTZA1W
etag
"a48bea0dcc60560af0ee6cdcde6e0253"
content-type
image/jpeg
content-length
41412
x-amz-id-2
ZYJReRJcUqvioxdqPDtj0zhiRcvm+wCRZbnZjDkm2X9gbaYH94qwzAWUGp/+jPmC5nvxmQ7mSUA=
1381122477.jpg
pub.creaders.net/upload_files/image/sub_image/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/sub_image/1381122477.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
1613a478e45ae5bde3a1194205480a0d7e6b47c836183ac6b19349a37435c6ad

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sun, 01 Mar 2020 04:53:48 GMT
server
AmazonS3
x-amz-request-id
HYH4J3P95BNQFSEW
etag
"cbbcea1f617ec994577e39d1d4692c93"
content-type
image/jpeg
content-length
40878
x-amz-id-2
9obw77C2HIi7xWKLQG/SaVaOywasI4+ndlRLxcBCCSi6D0/U3637XF7BR4Zkkcjxa+LUp+4Faag=
3344.png
www.creaders.net/images/index_new/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/3344.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c0aa6426aa0bd2b6dc1486fa60cf2053db30c16df81e9be1c622d30341107c5d

Request headers

:path
/images/index_new/3344.png
pragma
no-cache
cookie
__utma=77545162.1620888283.1627139409.1627139409.1627139409.1; __utmc=77545162; __utmz=77545162.1627139409.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=77545162.1.10.1627139409
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"b2c-5aaaea7d59503"
content-length
2860
content-type
image/png
newyork.jpg
classified.creaders.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/newyork.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7c0e6d9eddc635a248c7da2a1f9cf2156ee7cb550168c6259690f2dbaf9f464d

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"5ce-5ad5b20950603"
content-length
1486
content-type
image/jpeg
LosAngeles.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/LosAngeles.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5baedaeb2bf41d2d78af92d0afff2bf9c958bdf1e7c9a41d1c21b179bb5f9b36

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"6f7-5ad5b2094fa4b"
content-length
1783
content-type
image/jpeg
SanFrancisco.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/SanFrancisco.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
79f6e9c50512e949d072128ffcd0e0784a2b12c7161a22fedb0077ad833d665b

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"68f-5ad5b2094fa4b"
content-length
1679
content-type
image/jpeg
Houston.jpg
classified.creaders.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/Houston.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ac40ad574c56feb2690978100c0092dbe1b604811c2a6ac597d848723e4613f2

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"5f5-5ad5b2094fa4b"
content-length
1525
content-type
image/jpeg
chicago.jpg
classified.creaders.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/chicago.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8ae00306163f7447a84f0aec568e63420a54926d6b4a42da2a001b839fd8c594

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"5df-5ad5b2094fe33"
content-length
1503
content-type
image/jpeg
Toronto.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/Toronto.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
74486198c7c6848c0f3e02ce7cedfce968005a10ce2853739694e50bc6039ea9

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"6ab-5ad5b2094fa4b"
content-length
1707
content-type
image/jpeg
Vancouver.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/Vancouver.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
15041f040659f865ea1cb112668c29472c8d93f6e5c8233a30819985fc073890

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"755-5ad5b2094fa4b"
content-length
1877
content-type
image/jpeg
Alberta.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/Alberta.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3121ee737d5b1419cc35390fe043cf5bc48e46c6e1a4527b945a49ffb2576a7c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"8da-5ad5b2094fa4b"
content-length
2266
content-type
image/jpeg
Montellier.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/Montellier.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d1fc237758bf51bada48c26009e4f5fc850343402e4c6439fbb7fcaf8aa2c554

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"8eb-5ad5b2094fa4b"
content-length
2283
content-type
image/jpeg
other_city.jpg
classified.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classified.creaders.net/images/other_city.jpg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f3c746da6c5c19261ade6c1c5633bcf228b951b2d025ff0d792f0ac070322564

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Fri, 21 Aug 2020 03:49:43 GMT
server
Apache
accept-ranges
bytes
etag
"8e0-5ad5b20950603"
content-length
2272
content-type
image/jpeg
site_foot.js
www.creaders.net/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/site_foot.js?lang=gbk
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ab24a4b21696e4ff4dcf50140d706443390d9a713c01b3e62ee22b116b416801

Request headers

:path
/site_foot.js?lang=gbk
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 01:36:07 GMT
server
Apache
etag
"547-5adbdd7feed55"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
803
firebase-app.js
www.gstatic.com/firebasejs/8.3.0/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.3.0/firebase-app.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6476
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:35:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 01:12:53 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.3.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.3.0/firebase-messaging.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10873
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:36:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 01:12:54 GMT
firebase-messaging.js
www.creaders.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/firebase-messaging.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b06a6a544a5f4ad8f2b3c8a7fe675774ec447c90e6d4df2d40da1d4627494d2d

Request headers

:path
/firebase-messaging.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
last-modified
Sat, 24 Apr 2021 02:24:49 GMT
server
Apache
etag
"c4a-5c0ae9de53467"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1329
gpt.js
www.googletagservices.com/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"938 / 233 of 1000 / last-modified: 1627080183"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24037
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:08 GMT
/
services.bilsyndication.com/uv/ 		13 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/uv/?page_url=https%3A%2F%2Fwww.creaders.net%2F&mtk=357
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=357
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:08 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 24 Jul 2021 15:10:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
673e12d649bd4e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
48fa7cd880dd48ce89b6a7d4785f9ea2.js
biltag.bilsyndication.com/v1/1627126497/ 		547 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3597698e5ac7b02a149e71721a736fc661a1bc9ec3438b786ffc46919e81b1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
12897
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
673e12da48c31f4d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
index_03.gif
www.creaders.net/images/ 		380 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_03.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/css/css2011.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
536407a4dce35818b35f3f7d25b86e9b409e36bbc76b5f22779f61f915b2f84c

Request headers

:path
/images/index_03.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/css/css2011.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/css/css2011.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"17c-5aaaea7d58563"
content-length
380
content-type
image/gif
an1.gif
www.creaders.net/images/index_new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/an1.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
31b18c64d3272ecdfbe93930616e404b10f6d3bd521815b80ff79b84fb4539d9

Request headers

:path
/images/index_new/an1.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"4fc-5aaaea7d598eb"
content-length
1276
content-type
image/gif
an.png
www.creaders.net/images/index_new/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/an.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
477c95d16842ab51488b2fa32f814bddae042d8176e240392b195d69bc3d3e07

Request headers

:path
/images/index_new/an.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"ece-5aaaea7d598eb"
content-length
3790
content-type
image/png
new-xx_03_1024.gif
www.creaders.net/images/index_new/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/new-xx_03_1024.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7bbac4123b9f3bc5aba633a37b6065921f1ca36deffa2aa945818a281d044285

Request headers

:path
/images/index_new/new-xx_03_1024.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"3fd-5aaaea7d598eb"
content-length
1021
content-type
image/gif
T01_06.gif
www.creaders.net/images/index_new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/T01_06.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
64c14581dfec4a200e6d8c06b13358d9bdbdbf855b70a7407380d8f2ecbc76aa

Request headers

:path
/images/index_new/T01_06.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"4fd-5aaaea7d59503"
content-length
1277
content-type
image/gif
mod-bg.gif
www.creaders.net/css/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/css/images/mod-bg.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/css/index2019.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4d564bba73f5a1c63365d9932513b309ccea6df6950d00c86d0da3c95a50ca2e

Request headers

:path
/css/images/mod-bg.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/css/index2019.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/css/index2019.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
accept-ranges
bytes
etag
"486-5aaaea7cfcc8c"
content-length
1158
content-type
image/gif
102.png
www.creaders.net/images/index_new/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_new/102.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/css/index2019.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c7516b342b45b8e59b5bc1b98d39bad3526810d08471991a699b17d80949c92c

Request headers

:path
/images/index_new/102.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/css/index2019.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/css/index2019.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"b08-5aaaea7d58d33"
content-length
2824
content-type
image/png
mod-icons.png
www.creaders.net/css/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/css/images/mod-icons.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/css/index2019.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
32c8dd1d72a4f93f0411f68958bad24d76bb0e40919a77dd35adefde01401373

Request headers

:path
/css/images/mod-icons.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/css/index2019.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/css/index2019.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sat, 18 Jul 2020 03:13:19 GMT
server
Apache
accept-ranges
bytes
etag
"1616-5aaaea7cfcc8c"
content-length
5654
content-type
image/png
index7_147.gif
www.creaders.net/images/ 		53 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index7_147.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/css/css2011.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c15a4d046e7ba321ea0382df516e0416522465d57d9867703b2169cf6c23b76b

Request headers

:path
/images/index7_147.gif
pragma
no-cache
cookie
__utma=77545162.1620888283.1627139409.1627139409.1627139409.1; __utmc=77545162; __utmz=77545162.1627139409.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=77545162.1.10.1627139409
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/css/css2011.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/css/css2011.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"35-5aaaea7d58563"
content-length
53
content-type
image/gif
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
7592563
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
VHy0pcAGf5DKrG_EFZ_PR5nT3_7ZmN57kpn115p_Neb5-JCAX4Z5gQ==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 31 Jul 2021 15:10:09 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1033
date
Sat, 24 Jul 2021 14:52:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 24 Jul 2021 16:52:55 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=427358263&utmhn=www.creaders.net&utmcs=GBK&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E4%B8...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=1620888283.1627139409&jid=706456768&_v=5.7.2&z=427358263
35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=1620888283.1627139409&jid=706456768&_v=5.7.2&z=427358263
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 24 Jul 2021 15:10:08 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=1620888283.1627139409&jid=706456768&_v=5.7.2&z=427358263
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		278 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.creaders.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
39ffa56a2c8c9cffa875a8f164cd6409f76c2115dcc3284b3317b8f1f8ea1a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:09 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E4%B8%87%E7%BB%B4%E8%AF%BB%E8%80%85%E7%BD%91%20--%20Creaders.NET%2C%20BBSLAND.com&time=1627139409035&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.creaders.net%2F&random_number=16804895516&sess_cookie=68aff78f17ad911048a1a7ce886&sess_cookie_flag=1&user_cookie=68aff78f17ad911048a1a7ce886&user_cookie_flag=1&dynamic=true&domain=creaders.net&account=gYXUm1a4KM+2mh&jsv=20130128&user_lang=en-US
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-27.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 03:30:09 GMT
Via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
42001
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
xXi4W_3gbWm8NJssDgmcCwHa-9dIht_sB4NREoBvYMx8RHl_UeF6aQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.33.216 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-33-216.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
Server
cmp-v2.0.1.js
assets.bilsyndication.com/plugins/cmptcf2/ 		267 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
118680
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
673e12daea0b1f4d-FRA
expires
Fri, 23 Jul 2021 06:42:09 GMT
prebid-v5.5.1.js
assets.bilsyndication.com/prebid/default/ 		442 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b06a7d56906a19a7c72820bc3c88cfa2092a3eb6ba47b3858b238e135a4e653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
274370
cf-polished
origSize=453253
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 21 Jul 2021 10:56:56 GMT
server
cloudflare
etag
W/"60f7fd78-6ea85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
673e12db2bdc4e08-FRA
expires
Wed, 21 Jul 2021 11:27:19 GMT
viPlayer_v46.min.js
assets.bilsyndication.com/plugins/vlPlayer/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v46.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8b603bbdee587bef7e1db6f4b8f807b1623bbbac47a8adf73b3b31e3b2124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
298180
cf-ray
673e12db2be14e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Jul 2021 04:12:57 GMT
server
cloudflare
etag
W/"60f79ec9-374e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Wed, 21 Jul 2021 04:50:29 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:09 GMT
sf_host.min.js
assets.bilsyndication.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1252960
cf-ray
673e12db2be04e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sat, 10 Jul 2021 03:37:29 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding
gzip
server
Server
age
589
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Sat, 24 Jul 2021 15:00:19 GMT
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BqhxDExREIcxKMB--hg6BqDX7HHXD35pTC2jC_kovlq0s4qpDB_a_g==
rules-p-e4UytPLDQQKlw.js
rules.quantcount.com/ 		3 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-e4UytPLDQQKlw.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 22:07:01 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
age
61389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:01:36 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
rYlThK1XZSvVPy__hxqCqQlE73VLqxg_F8Sgv3MUh9REaf4GoFlEvw==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
34794
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Sat, 24 Jul 2021 05:30:16 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
1UNxNYU8CxvGc6wT6bpPS8QzFCJtMjTERhnhDZWwGXJZwlE6xxHLCw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 22:01:41 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
age
61708
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
nrYeWXPcwzzvrXmIthO84v4mOFAua7rbQObMBz4wJ9sq4aBlEOX_zA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210724
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53f0a09105985bc90ccabdd296ce7597542f5b0a9773fd22c37702a9006903ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
100
x-jsd-version
1.0.1048
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
949
etag
W/"69d-ivs490kLrVIz1Cw10G6wNnJuVjY"
x-served-by
cache-fra19145-FRA
x-jsd-version-type
version
date
Sat, 24 Jul 2021 15:10:09 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
bf2d1c757c6a13c22dbde9cc275e54652095271e65b32e3dcbd799aaf7a3ef7c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
337d951c-a98a-4bd9-93b1-9389e2d51df7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmvheNmn58WpHZNqlk9HiE74MXrOjc7X7cjcdnaCkp8p%2BtAc3MCCslvQtlSqCCd4N3x8wKr7lfTi1zv1iPklGT1rErePDFMQnE8RvwPvgXjo2Pf6%2BzL%2F7aA0G%2BnwmJmH4Tb9YKTonveAcrHxDLq68ihN"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12dc6b7f4e61-FRA
ROS
ads.us.e-planning.net/hb/1/2c995/1/www.creaders.net/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=...
  • https://ads.us.e-planning.net/hb/1/2c995/1/www.creaders.net/ROS?ct=1&r=pbjs&rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0...
63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/www.creaders.net/ROS?ct=1&r=pbjs&rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a56f39b41550e992e42c04e87f83d631efec1f75820b532bb4aee5f2d809da58

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-731

Redirect headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
access-control-allow-origin
https://www.creaders.net
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/www.creaders.net/ROS?ct=1&r=pbjs&rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-731
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 24 Jul 2021 15:10:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=38148458060
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
a19fcfb3-2428-4ba7-9bd6-a25a1f373909
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
a3f44b00-7df6-4a94-bbd4-d83dcc774743
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
80ae57a8-afdd-476d-b8da-af3b79276cf7
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
e5262059-bd5e-4370-ba5f-fd63599c2128
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
15b6070a-02bc-40ad-96f3-dd43c9c19972
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231b4b070a81987c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22323fc97241ba939%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
98c4b93ecd434377d2d62c3cffa4801c83130794a58433eb8195cf5259ea909c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2231b4b070a81987c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22334bde35814ee5b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x168%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B300%2C168%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A300%2C%22h%22%3A168%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
98c4b93ecd434377d2d62c3cffa4801c83130794a58433eb8195cf5259ea909c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
45e6331d-768c-41fc-9228-df21ca034f0f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NUt_vfiqbBljADUjj7Y0UUmUYrDwi33BNUj13eLMU3c2-NlMCnqQeA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ITuFogkrr_rIilNRC7EusyWtNHqNqsX9UE3VmskMAVUi5OYBOwAHeQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=2&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0bwc3iAJaUgqpv0mUVCgNlV-ASDjTwOhzAkBlq3N5-XgMU5tsvbCCQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=3&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_8BH5zNQGFGXiBO_BJtwup9tt5sOJgLyv_2AgbCsQCCVUR3ucOxbwA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=4&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Jj3UDJ90YijF0BRLNqikTsuWsgO7FldnCtbyTZAqQWJR-emGNwSbYQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.creaders.net%2F&pid=77IR1QAEFvcAx&cb=5&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
r8VKyWLyfkhZop8w_-p_wrcdOnAt-VXNlSQ0Lhr6gFpAGdxzvIOHmQ==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
quantumdex
useast.quantumdex.io/auction/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwcAtg7t1J9rI98AouC7NUfDJJJJlvCPA%2FVzZZHoh4YvRBWUHfBfqXS4mGG45AR5y3ZZ1A6%2FvI%2Bzg4aTOEDeiExZ7AVrkSY9%2BR9oMy8rECfi8%2BRH7KQ1iIXOcAekaEmywRyCC4GV3wbQe%2FH%2FEF%2BtYbs2"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12dd4d234e61-FRA
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
3589b36f-912f-4d03-8c3c-30a85e80beb3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2241fc4d37605be38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22427f0a4aefde9f1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A31%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x31%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ac10096b5d531c7187fcdfbbc7bcf1bf20018aefb49c9f2434421dde3e4efed3

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
092ffd0a-be74-43c1-b779-b3773832ec85
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
cca3328a-a717-4245-9559-4a86522ee295
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
ec0bd92f-15ed-49a8-b29a-579929ddbfd9
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=69312829665
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ 		62 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=320x50_0%3A320x50%2C300x31%2C300x50&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
7383ac38ae458ef58c0ba59e7ba47457fc0aab3befda09d9cec812b113c8101d

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-731
c
prebid.a-mo.net/a/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 24 Jul 2021 15:10:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs-simple.com/ut/v3/ 		139 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c2bf74f280fd6c91ed19c2b48f6e666805d8e70e6f4233dbc708095a7c59bfdf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
4d79d338-78d2-44fa-845e-3ca6af85dd3f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a4ea7880096&pos=8a96957d01727298b51a9a53973900a9&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
574789b690b8f2547eb09dac4183f5d5434179c3fa79b552815a2a6b52421597

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
86283617-00bc-4a48-8941-dd868968fb1f
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
551b47c2-cee9-47e0-a1df-1f390c5a77ef
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
4614b87c-f704-4329-b7ed-3b141655b112
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
09591a0e-682c-488b-945f-57ead8bcae5a
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
e0a11da0-5cbf-4d32-8aca-a8efae8f20d2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
5592988a29cee9506afa716931d7c70cf1c6cb31fd845c1b065d1cb3cdd00575

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22736d1ff780e2de8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227468b180a8a1df3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1024%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%221024x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77228ed1579a971963b804765b4a00016d90a6822311a790a56ea7604368bccc

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
quantumdex
useast.quantumdex.io/auction/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPBQ2Vx7N%2BdKgGEk7CBSQJls4Q8OoKmb8%2FfAq93dovVfD6P3qD73F8Y1jCL0uKS4vS%2FF5z6Q%2BVqOrun0SWXMnl03zAuK7mURMI3%2FcQooPTC2T9ogXQO3FMdw1pmJidvxiStpWF6%2F8Zkl02IgFLMu21Pc"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12dd8da34e61-FRA
prebid
ib.adnxs-simple.com/ut/v3/ 		138 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f64265e08ef4167fe4e04b8cbd72d93539c2c024eb5a5d9db8c2149112610325
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
a2d1f2a7-8d7e-403b-abb2-288165d3f787
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 24 Jul 2021 15:10:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ 		62 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=728x90_0%3A728x90%2C970x90%2C468x60%2C1024x90&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef6ed26fba3ab58bb98a74fa5a017d154398e66914ae1825d802783901e6d6e3

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-731
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=51591384881
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a56f39b41550e992e42c04e87f83d631efec1f75820b532bb4aee5f2d809da58

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-731
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2296ff3ba98056806%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229768a09317f75f3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
842f769e119a4f1a82ede582f94b02114b2c022e5e10175ebd0607c22f08858f

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2296ff3ba98056806%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2298d6949c821fdb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x189%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B336%2C189%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A336%2C%22h%22%3A189%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
842f769e119a4f1a82ede582f94b02114b2c022e5e10175ebd0607c22f08858f

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
17b8d0d4aabc9b7a75a333761b1fe300d0f80bc9c020d6027eae51b01a625efc

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=86845277770
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
c
prebid.a-mo.net/a/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
x-nbr
1
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
quantumdex
useast.quantumdex.io/auction/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSaGMK7sB4TWaZMEpfH5f%2FwXXHXDaCNUYhaL1QEe1Yi1gIooTPlC1l2f5KhsowCmpAZP2wmqKS0FqAXzSQd49j%2BRuCi4Y7jvhknTNTG2i%2Bf0VbtGFCAVhbFgwUDKhl4x00pQpRmPd0RrcNDWC1cYCPws"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12ddce064e61-FRA
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
08eb2a1d-d22c-4a9d-ad24-b7d66d873828
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
0bbb3648-9510-45de-b7b8-4309efe5c30a
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
2edecc05-3de4-4e57-b56c-e76361a86c5c
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
427e0f2a-98fa-4ec6-beb0-eb780366411e
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
131517d8-aecc-4879-b441-24af6cc093ac
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
b2217858-6e63-4eed-a52b-c1e2ae50f93f
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs-simple.com/ut/v3/ 		251 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
10df7379ffc33c4cf072840c897e8b3f6e87f8543a1df1375d82f7ec4164a7fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
b18b6611-9d90-4b67-a2ce-5e8d884309d5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
251
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
56420821-e607-4469-b689-ef9dca6fd726
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
px.vliplatform.com/bi/ 		0
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNPTPAYPAB-wqYB-PZZt-qUKA-ZTUetwKeTZYURrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nceklNTDKogmZsdzq7bvvEY%2BZXHcqTu2ab0kjaWBCdW%2Bzt0zhzelB%2Bq%2FzEaXvA6bwcytV%2BV%2Fu1yQfk43SWcYvMLQPSh1BEUiDpyBPWzU3Yca3nwZjRAjEQMXNOXwm%2BNVCCTl5QK6Lh7qlBsTkLmqpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12ddfd0605dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNyKUAerTZ-UZew-PqUt-qatq-KaPrAMrrwrqMRrNBZKRmNTAPZRrtNheRlmNBAAbTUMRdzNcortgRkjmNBAAbTUMRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDU5SLE6k2i62%2BiSu7aBk28Wdw3OKX4B%2BBaRc4YW4LKvaqXEQw%2BtXEZser6xp%2FrrXI7NFmROU4akW6AivpfwFnInwR%2BlEhm1LmknJHQ83QMjhxzRrRUyKcQB7YhKXjTs8RLB4bzdOuP5JibbIcLlCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12ddfd0a05dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame AF63 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f22139ea65738716f98c13ef4033aae2e9a922b942a26fca746648c18e0901cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39998
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:09 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=59416178230
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		139 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7b7869492a8206ce4a88e4205fcdfe2dde1a0f6f88d6f5f1bb97df56e883513a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
266a0827-c676-4bc7-8188-ebfde2d96c4c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
quantumdex
useast.quantumdex.io/auction/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6BSlhmTSkukSpbdHqo0iD8HU6rP3jTwbkzsoiRh9TPzCZtcb%2Fd9RGd6afVaDaOl0kXkrMJXQIh3NK6QaBgkyAt7u%2BQskDcprTRyTJx1NP02uvZaGfbtxAdVLGt7WORGYpuO5ICinOUi9e9M74ZCMyfF"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12de0e964e61-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
c2e7299e-efd1-4f25-b047-1d40fb0d3f6c
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
cea0e4f2-7155-46f6-bf6e-fb8f994bcce0
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
b575546e-afa2-420a-baf4-a36464381510
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
7c382d5b-d58d-44ee-b7b7-f91aec5a1f67
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221540b6e345413d38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221551d9420ff8375e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a39fa8228d7195b5478fe8419c4a3be15e8c068a683828af381dbee1e36c25c

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ 		62 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=728x90_0%3A728x90%2C970x90%2C468x60&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef6ed26fba3ab58bb98a74fa5a017d154398e66914ae1825d802783901e6d6e3

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-731
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
b169342ff1c94e445c7f75eeb7d41c71c3506f7efc077441e81a50dbfa8c3ef2

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4789
c
prebid.a-mo.net/a/ 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 24 Jul 2021 15:10:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
analytics.js
www.google-analytics.com/ Frame AF63 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1150
date
Sat, 24 Jul 2021 14:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sat, 24 Jul 2021 16:50:59 GMT
collect
www.google-analytics.com/j/ Frame AF63 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=1&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139409657&_u=YQBCAUABAAAAAC~&jid=90192936&gjid=2102634314&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&_r=1&gtm=2ou7l1&z=596491666
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		166 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=207811833590022&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=1619040%2CCreaders_HP_728x90%2CCreaders_HP_300x250%2CCreaders_HP_300x250_2%2CCreaders_HP_300x250_3%2CCreaders_HP_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139409679&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C304%2C996%2C-9%2C288&adys=93%2C562%2C704%2C-9%2C0&adks=1184491182%2C4176071749%2C946318479%2C3512421261%2C1729793250&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=759x92%7C300x250%7C300x250%7C0x-1%7C1024x4114&msz=728x-1%7C300x-1%7C300x-1%7C0x-1%7C1x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=true&fws=0%2C4%2C4%2C2%2C0&ohw=0%2C1024%2C1024%2C0%2C0&btvi=0%7C0%7C0%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
4193b0180d41a0f6a602b649d503494cbc5d12df13630b3405abbaf78fb06e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26840
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,4956182603
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,138352644261
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-origin
https://www.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6kR9PTX3zX6kw1iNJohyHHqmqjDy4ZtB8NDnoESFmXGLwT63g4n%2FGrb6OvoiyEudT5xtzhiEl7zG8VQyyGWi6DhAB%2FjVgD5nQGtdll1w35kYgCGEluZ8rlk1f2RBa62ujfDYFXOak0x2EcLsaEu39xk"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
673e12dea8394e61-FRA
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:08 GMT
X-SMT-SessionId
ddfc4534-2545-460e-a398-af289969d88a
prebid
prebid.ad.smaato.net/oapi/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-SMT-SessionId
c240da86-4805-42fb-babc-18f79078af12
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.creaders.net
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22171d59c124bb908b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22172cc05291eee8f6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c228a558e5082d2608eccd4c6eb7d468acd2c7450fdb78ab85fdbd89fc6f487b

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Sat, 24 Jul 2021 15:10:09 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 24 Jul 2021 15:10:09 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.creaders.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
76e137defb4f92fc08db6eba7d2ce3f644be937f86489d2058be54a4bf6cc81f

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4817
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ 		62 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/www.creaders.net/ROS?rnd=0.9727979688068238&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fwww.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fwww.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef6ed26fba3ab58bb98a74fa5a017d154398e66914ae1825d802783901e6d6e3

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.creaders.net
expires
Sat, 24 Jul 2021 15:10:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-731
prebid
ib.adnxs-simple.com/ut/v3/ 		140 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
af9a16a2c4afa9b7a2da0e8ed0d70f2bdcdb5e65441298bbf38ec0f7b7ba778c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
609b621f-f475-4be6-b20e-65f778100e05
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=78095018314
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:09 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
67bd22c8-93a5-4958-892c-f355ef599c10
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
px.vliplatform.com/bi/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNPBKZrTTK-wwTY-PYBU-qYTy-UqrarMYAteZyRrNBZKRmNYBBMaRrtNheRlmNBYAbZARdzNwqfftkRkjmNBYAbZA,BAAbBT,BAAbZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYlyz1r%2F1IR8rVo%2BoDsgBGrIUQ%2FMbL0dkO25eF7I5KDRNmDtV%2FCNwrp8G1Ls1uocM%2FrdUW8%2BmJtzRvrzovrUGNiF1vsiBtHEHUuMvkP0IhJH9PC7RIpgZ4g78KuTNHzyKuazcKX6y54XyljsqQDKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12dece9205dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=2&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139409721&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=1393676136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6622
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNPtZqAZYP-wrrY-PtyB-MBqa-erYAAyYMUBKZRrNBZKRmNKAZARrtNheRlmNTAYPbaARdzNwqfftkRkjmNKYMbaA,aKAbaA,PUMbUA,TAYPbaARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcnJ7YQiECHh5lipGsloRWjvGpw%2B2ih9q6sO6sKlzZaE7KXGy59VJl6Q5Lz2zdQS39CjREFMGvihacJmGsjsDfyf60CbnSyI1ojl%2Fwrht8%2BOPv2NxO3nylnvEnfukxn%2FDkU%2Fm0oDT2%2BlDK%2FMmB34Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12df2c6d4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=3&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139409779&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=1038423532
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6622
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNATTPPaKM-Prey-PeUq-MKqB-MPZZYrPattZeRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFwkgM7ZFAh0IjL8q8agqN4M6qVodDg5A3c8M%2BbV6p%2B6FrecYQsTOhryl%2BJLgYjW8bXozBo6rYBEJwaxrHstTcym08AdicFCWf6x1%2Fg2hebRcCFwPazNka9u9zZTw2PKgCAmRcX9RvUUKjRT2aglPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12df3c954de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNwYtAPBBP-BreP-PBZY-wPTP-ZqPqPZPeMwerRrNBZKRmNYBBMBRrtNheRlmNBBUbTMaRdzNcortgRkjmNBBUbTMaRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOgJHr1rbjb2PKG7Bs9C8UgUjJ6a3898dE%2BkSQUEwTMOInAA44jrULD7mJr%2FHcLy66YHOHCfeIiXgPjwvFjyCTheZ6eP%2F4s15ELrja3oMNpAmWhbGM%2F17Wvulxp8wnFwBJSTN18tSGollND3joMVCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12df3c9d4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=4&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139409798&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=59304661
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6622
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNrTwtMqYr-qMUB-PYPw-aMPP-AKYUrUZAyPyZRrNBZKRmNKAZPRrtNheRlmNaKAbaARdzNwqfftkRkjmNKYMbaA,aKAbaA,PUMbUARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNgftdgwost|AGATAaUZ|KYMbaA|wqfftkRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkEZ3%2BFp70nvyZukMNsmFR64sF9Gt7z1u7Q3Sam1ZeuHqUgmrXws867xWC3h29BpA1S%2FUbcCmp2lFJaYEVxeFPE0V46nbC5YUv68VGpn030p9XrypjpM9j3P69vfG2iLTd0r0qWUZxWjjI6j7Il%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12dfedfb4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNBAPTtYKP-ayya-PYeA-aBwy-PYKAeMTwrtKARrNBZKRmNTAPURrtNheRlmNKYMbaARdzNwqfftkRkjmNKYMbaA,PUMbUARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNgftdgwost|AGATAaUZ|KYMbaA|wqfftkRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B411PkKamvrSUfTqkrhCj7wNSBDXMYT0J770L0nHhXOizrQpztSTpGKwrdQu2C6poZNOTdNg1qZb7FWVuMOB6sdUV2ghSX%2FD9Vp9tCEcydjiXsJYcsKf3QPT3ra95QMUxHRwkxjkhmTdZcgBYqWMfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e03ea74de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		474 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=27332290654860&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_31&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D1045%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139410097&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=304&adys=1279&adks=2618475401&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8135669297c22b1da54eaf629ebfd3c3f9c4819247af21677c6f4894866f3756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
241
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNaraaATBY-BZYY-PBte-aare-ZqKqZYaZqaYaRrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwrdm5r4yDNMzSnYgDX7fObqqn4vq0At7Q0g%2FTg6Pmnwlf70PHyqJPYCO9YKibsSv0iryU7HHdwGyiScjXqOfLjlMS7lGIEYFP4EZimTy5ALH6M7bCAugScLdgZgYalx9Nj3T01IeqPVur1cZFBGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e1188a4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		456 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=741438087581736&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_32&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x50%7C300x31%7C300x50&fluid=height&prev_scp=vli_adslot%3D23389%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D320%26hb_height%3D50%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139410230&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=986&adys=489&adks=1566529327&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
79d97b9efbdbb018dec45548585e4e20035b82d5e87ccae0f91538073d3f3b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNTZwywYAq-reYP-PtBT-MBUB-ZaUPMyqTPqtARrNBZKRmNYBBMaRrtNheRlmNBYAbZARdzNwqfftkRwlNcso_aRkjmNBYAbZA,BAAbBT,BAAbZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQQcG5hSNxGOwEBYMPSrzxCalMMQev01KhK%2Ff%2FcRdUrNhSMW10UoF05V8fDSmAZWE6nW1M3VUOqYLjTzSdmsYk%2BeZVVxXUKM7u7BtWPGO15%2FMUbS7jo8kpqVc%2FSDA%2Bo6itd7V4AtHVmY3HHB3VxLrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e1fa3e4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=5&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410247&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=2091036485
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a816d136e932bbd05bbe8ce3f2ac076916a8abe1976a00db221dd810b12e906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=3062665513422083&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_33&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C468x60%7C1024x90&fluid=height&prev_scp=vli_adslot%3D7050%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D1024%26hb_height%3D90%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3Dd0e4298d4b3fc90b-22e667d88ac8001c%3AT%3D1627139410%3AS%3DALNI_Mb70fA3RU_KjfIH9geLYwuZLZSYCw&bc=31&abxe=1&lmt=1627139331&dt=1627139410287&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=2066&adks=1477030071&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x-1&msz=1024x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e92c1104a63b7db39c05fa0b9ef5b25174bcfe158c581c28f972e20ed0f35a43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNKwTUaYqT-rwtT-PPYr-aBMK-tyeAyYayBABaRrNBZKRmNKAZARrtNheRlmNTAYPbaARdzNwqfftkRwlNcso_aRkjmNKYMbaA,aKAbaA,PUMbUA,TAYPbaA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0c2xZakCusFziu%2BOgw1sbTP9FgVsu%2FNue8Fq5TCLtWdGQwqRYJutCuZRO%2FnTKQefYvz7fI7aCYHO6jqrOWtaM3GsB%2FranWAzyDDkRI3dHYUpvzDZTf3A2SGPk9lPeiQ%2BuQYRFXnyjgUpTFlB%2B9rxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e24ae94de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0C4F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 24 Jul 2021 15:02:13 GMT
expires
Sun, 24 Jul 2022 15:02:13 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6754 		783 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee76f5fa4dfd53fd407662c7f6e9788498acaacc43ab50fd315392154102e310
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zn4Bdl90gIitccMezKfBhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

expires
Sat, 24 Jul 2021 15:10:10 GMT
date
Sat, 24 Jul 2021 15:10:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-zn4Bdl90gIitccMezKfBhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		463 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=3667772126350655&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_34&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C336x280%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D23383%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3Dd0e4298d4b3fc90b-22e667d88ac8001c%3AT%3D1627139410%3AS%3DALNI_Mb70fA3RU_KjfIH9geLYwuZLZSYCw&bc=31&abxe=1&lmt=1627139331&dt=1627139410306&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=975&adys=2430&adks=3913246529&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
c33e4a1aba58eff1eb154fbd4a9df70f911048d010d4da4bcc6e906998150c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNMYMwaYye-ATAa-Praq-wKtt-MayKetMyKayARrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvSdggDy%2FtmzUbPrFodLcZXP3UH5j8JQ5qPUolz3JJkkmO9y34zWuyQ%2Fqg22sD38edAq7kbUUz1fj3JTzy7jvz57qtspFHjzzwEp6cnlKsPDZ4rYpAvUQX3otV%2BfkMxQg6LK1jONIPD2hX01fmIPgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e26b394de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame 0C4F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 15:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
85563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Jul 2022 15:24:07 GMT
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=6&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410397&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=2023747881
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=4309681070806012&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_35&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C468x60&fluid=height&prev_scp=vli_adslot%3D7054%26hb_bidder%3Donemobile%26hb_adid%3D188e36392c75582c%26hb_pb%3D0.01%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dcreaders.net%26real_cpm%3D0.010965%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26vli_sf%3D1&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3D6945f7b045d8e4e2%3AT%3D1627139410%3AS%3DALNI_MZUEAmSnDdjabuqGprTCuUytufS8A&bc=31&abxe=1&lmt=1627139331&dt=1627139410412&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=3084&adks=2311413686&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1fcebc65378127dcae7f9c0a31f33cc54684e58f86567e30bbaff729faff65e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4468
x-xss-protection
0
google-lineitem-id
5271233743
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138300428084
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNrPMZyAPY-Yrwt-PyZw-wyte-KqYrPUateMYrRrNBZKRmNKAZPRrtNheRlmNaKAbaARdzNwqfftkRwlNcso_aRkjmNKYMbaA,aKAbaA,PUMbUA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNzBLMOpsrraVbUbQKwlP09cRgrs%2Fn8kD6WH7P1bfFvJ35YLw%2FUiLLoWg2dOx4n%2F6ILdXC5WLTSnZsF6rFylCu8wvP3JtHchbOg949oSJzRc30mXlfxChY%2BhwjS4%2FMtLnNpB9H1HAD0DFl%2BNLBMOXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e31cae4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=2845020976050865&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_36&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&prev_scp=vli_adslot%3D1046%26hb_bidder%3Donemobile%26hb_adid%3D1898bc0c6cc1363a%26hb_pb%3D0.01%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dcreaders.net%26real_cpm%3D0.010965%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26vli_sf%3D1&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3D6945f7b045d8e4e2%3AT%3D1627139410%3AS%3DALNI_MZUEAmSnDdjabuqGprTCuUytufS8A&bc=31&abxe=1&lmt=1627139331&dt=1627139410464&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=3916&adks=1153679504&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3c52aef242e88834472324417677bc47aacae78240b66eeb82de3ebeedd422b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4768
x-xss-protection
0
google-lineitem-id
5271233743
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305024515
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNTAyyUPer-qZZe-PYaq-aZAt-BaKwKTwAqqUtRrNBZKRmNTAPURrtNheRlmNKYMbaARdzNwqfftkRwlNcso_aRkjmNKYMbaA,PUMbUA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuksMk7amH6vRoR1eo2IssIHZ8BuHz6WNadD00p%2FFWNZqDSIK9oOPqCXifKJqixz5LgMx8HfkkzWUMU0lTJVyUTh1VGUtZSivC17DhCeqZFGikI0Bi1dW%2BFgm8SUl3%2FwnTJCTfYunkJckVoEwvNpDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e36d664de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=7&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410474&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=1802700506
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=8&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410495&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=252335762
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=2312565456669887&bg=!h4SlhMDNAAbnC78O5ws7ACkAdvg8WhHRuCj3Gl_u_NlVC8e65yB5PD6boXxe_NigeHm6Aujm2WnlEwIAAACZUgAAAApoAQeZAoESVzI96qo-VW9XBl6Dq2HXVly2kE8qEZFp7a9j4w6AeUbsBUlpE6cy265BzMtTnGVPT3DFoqUnkY2qKu2Lakb0mHYsRI-iTkrn8cC_ugYiOh5p19xNgcTwbweM8ESIqUVByNdL6--mr4YrrQCHAIcswiXfffwOTWnacAobwCvaqtQ8cMp5QXNJxtSxtyNrKaHbjAP02p7Y9_hE5Av5vYY0o5qxnx6U4u-f_0iwwvJ-wOh9Zh6T_P5bWNgPxMLHS8PtCV9SPJ3ilKT1YMSBdA-Ct8niCqJ3p69NT4F8IHVGy1Yspv6asbsA7FbKBLtg3ne80xLuIcYtmL5k-LiFMSEWqPijC3ixHrtoldrCVNEhKUejnKaQFAsx2wnx3yVCihD-tbpKQ4d0m7Mcy0VQSiWYCaU_jalNGIGLNi-B2jyOT-gQD5hhr-Wze09IOKOxA98rW5lknIR9Sc8jrJUkn4mPRedBAfYXK2XXlIG5C1i-vOA5lQVo0K3WBliNp49TBDW4oSO4qGHs5NXmuzArfkmcgD92rKLxpTxJHZ6qtL7OQq141mPwC8j_M5bNCvHy0Jat0xpT5XhhRAa4Ok35_bn_JIQVub5R8WMLOKgjtw4o_1zojOdmHbQU4Sd-QCyz1r8UWeHAT1RkD5SwqJogUh_VRd_Ld49dcu4ZmTElB0r3e8_FXjSqNiSmT2HioL4IDyZaQQajTaRPOB6QAsBvItYgvcDixvdfeCSZIWhEWlhf9V_z-pbp4r0OL5du0Ef9I1C-1SY57WURu57mA1SDw_JV0TwujJcQgvIYoQ7KEBkyst3aAjRwhXAxd3slksbNWWWNjLWy0RREs5aBDC5jD_0w6w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 04F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vi-icon.svg
assets.bilsyndication.com/media/icon/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bilsyndication.com/media/icon/vi-icon.svg
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2630122
cf-ray
673e12e41e924e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:49 GMT
server
cloudflare
etag
W/"5dbbbcf1-dc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:10 GMT
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=9&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=onemobile_creaders.net_0.010965_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.010965&cs=creaders.net&cm=onemobile&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410586&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=522830838
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B415 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=10&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=onemobile_creaders.net_0.010965_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.010965&cs=creaders.net&cm=onemobile&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627139410619&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=871308932
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6623
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 04F5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 09:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 09:34:26 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 04F5 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2208cd7900e5a497710b2e5919a1a0fc92f572648f7a9d68cc4c58fd1583c380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4720
x-jsd-version
1.11.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8865
etag
W/"6815-qhx4BGNDd20cuFqq4+Swg4ON1Q8"
x-served-by
cache-fra19168-FRA
x-jsd-version-type
version
date
Sat, 24 Jul 2021 15:10:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04F5 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B415 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 09:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 09:34:26 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B415 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2208cd7900e5a497710b2e5919a1a0fc92f572648f7a9d68cc4c58fd1583c380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4720
x-jsd-version
1.11.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8865
etag
W/"6815-qhx4BGNDd20cuFqq4+Swg4ON1Q8"
x-served-by
cache-fra19168-FRA
x-jsd-version-type
version
date
Sat, 24 Jul 2021 15:10:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B415 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhTt_WX3jkWq5OMiYKR6BMNVYcjA5NHi6wP3MAwp9peYFezmZ_F8dVlPBTd6w7dOYTM2cqatusfAIklVUXHGLnRjWS1WcfRgmlGRhwujJ8owE3A6fKXqrBNOkpMZYsK6MWTLV0MYE_Fb-3ctaF-pX48jJSbtXkZhoISIXQTo7-Dwdj93-QGzlRdhzlIYYv4S4VjI-VCx6gLNwqDGbIsJet8QtWWpPPOSCk2ev99ENIN3KyprbKI6eV9Oh9cYciK0RTW7CEO3P-HxDl33QXsEPNEniuKIptYTiENRRe1_QjPxcqzKXJX32X03wdG6W2VF7LGLusCx4PzBoMahAETKsgqcMBhY-N&sig=Cg0ArKJSzMrWXX2kjHqPEAE&urlfix=1&adurl=
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 24 Jul 2021 15:10:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B415 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9YVMK5UAfK7FF4oCR4qddOs6ihCgf5Q-voY0xk4ziU_cIzVU8jfh7c_sJjuXy3mVbKUnJp4ZtXc5GJ0iQOc8xAS0QHFf9DWvdJEQrIF4Ch1JB4HdedDEoBeyF3PjMeNRVK1iCXoWETMiKTmbfrUlJQw_9U7gdpRsZV2nIanJf8pbEL5DUuPFCit_2-lxJXF5iLKjMZxNibXS3aIo7VWHt0_-3gGJXfMSVfK0Ub1l8LAKG_R551dHTEcLq00pm7hMT1J0EgQcKJl9lUN6ZTLcBUMna-nRSUuWeSrBynAomkRKBdl0lwyXMHDfYMfIHqa4BbAzSlZW_iS6gG2vBBBnTG7VBf2Xk&sai=AMfl-YRFcoSBOjnfbHyIOaqWyhMEuBjTo5yBIU0kkus7NkjDVFr1zjNsFJKhtnDYZS64T9d4UsdfHiuTU16KhHhrzUKPpTReyVhPh7EoOmXlG_zI9Yxl_Hs0V8hlCOPu8Wg&sig=Cg0ArKJSzFEDXzM8zwRjEAE&urlfix=1&adurl=
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 24 Jul 2021 15:10:10 GMT
truncated
/ Frame 04F5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07f80e3b87267a19fa46516c4f82a9cfcab2f36135b4cde43effcd95bfaab07d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 04F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX9xlyypCpw5v_wPaIjlooMAPOvjJpr8G1cVuQpa701GvQyOp9JOAQXqCBDCXAgHeq14p77MYJXFAWhUl663IfvWlLA2eyQfne0fGUTQtteEjcN0ZSc-D8XgbPq3Ja32SyJRyAwDxGCI_wDXhN4q0doUo5FcGv_Cffv2yRSXEL869JZR1IvQIewwHnfFpiH71V7Q5tz4cb198TwYCPeyQfXuQsnFjgDGWWsdOg0bVKnKL3LRlL8YOZMHfbR_dQTUnVI1XpqVAigNapha5mI8e-6ygZjdbqmwfOMtMqusoTxpxba7o113p1vfL6n8aa-U3ZO54FRaDT1s9HZCU92Kr6MX2n03CtFPU&sig=Cg0ArKJSzO5R45zrkOV8EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 24 Jul 2021 15:10:10 GMT
truncated
/ Frame B415 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dab8fae8460a5a494a7bb2f86a600bbd94b786ec4ac44e1bf120ab6397b9aeb7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B415 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqcprgXv584_O3azEhaIgp29onH41LiOw4SP3qQaZ0G7g7v6cLGT_aYM4DuOOVH7JsVmKmfdslMVpQze9StnExVqcThuJsQhBXWWV2hO_udEOGVlvJGVj7yLXx4STkIRO2MiBdi6vgEAcItd0vScYTmVXJmGhM_DmPOc7EAeQxkZxX2cwUQZS23ug6DX08-eiQrfHzcxYVDuZc4La3fE6iaUOfsMUUS96uilUWmVM4g65IB3eSvTcLGPHD5oIuCg5X6yMdLOn7civ6m5yd51tUeMoAX86bJS-a9Ro67R4uvvtWOSCHGuAVwTfYK1-L1DhsQOyy4ksiMSBNQzwlZOVaVPscrvmfrLI&sai=AMfl-YTpkYFtKebLLvZFMRXJRpCHNge3mEGukPJ4zwPZQKPY-yGlVjANkNyuXT2O1_aPfiDyTpoIfpjidF7-GGO-UKV1Mm0D3cmuBAnRX6XHkI3GMZtTBpn1CiFCyv9aBHA&sig=Cg0ArKJSzAoP0mgiKRsQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 24 Jul 2021 15:10:10 GMT
/
track.adform.net/adfscript/ Frame 02D4 		1019 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=JgKckWrbBA-4U6Y0PtEXjCtZh_JCPRWHw5YCeDw-mkdShRyt6NmXt49n8dFMkYxUcCLdOXc8wkuAAnoBsWUpQlZCddoh0PzjuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CiZWfUZyQ_kehDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e28f4976a45252fa6823a5cf13ce0fdd09c21a4c68ea81c46539df378130538f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
881
expires
-1
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 02D4 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55936,55986,57926,55965,55944,55853,55982,55973&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=1&euconsent=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
adfeedback-1.0.105.js
s.yimg.com/cb/af/ Frame 02D4 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.105.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1c1c2fb8251cd4ed4384912ee1dd9aa7c73528f8410617b565f74b465499e389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1391
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
29784
x-amz-id-2
WvusFdzhuCzHuRg1H6OTZ6YaEPMMnABV6ShMrYWn826IJZ0V/A6OdDqBfZMjAozvZ308kZ5Fk0U=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Apr 2021 17:02:27 GMT
server
ATS
etag
"1f4b16eda01bd9a1738b21511ad5d794-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
DTVM43TJV5Z34E4B
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
talon-1.0.31.js
s.yimg.com/ix/ Frame 02D4 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 24 Jul 2021 11:53:24 GMT
x-content-type-options
nosniff
age
11807
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
KyW0OujgLAgxRBW9Uo/JKvUDRelc+LlZcx8MpTpKGhmbsnw9bBAlxC3kH87RXpko9wuLIv9EVYA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
ZG9PBDNQBYVPD080
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 02D4 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770929147&dcn=8a96957d01727298b51a9a3aed860067&posi=1021696&grp=%3F%3F%3F&nl=1627139409653&rts=1627139409611&pix=1&et=1&a=39bc54d67d6c4d2aacd189599ae218c1&m=aXAtMTAtMjItOTgtMjA.&p=MC4wMDAwMTM3MDY&b=MTMzMjg7MTQzNDt2aWRlb3Nsb3RzLmNvbTs7OzsxMzljMzkzOTM2M2Y0MjBhODBjYzQ5ZGMzY2ZkODk0MDsxNTI3NjQ7MTYyNzEzNzAwMTs7MC4wMDAwMTA5NjU7OzA7&uid=epffaa1gfobah%26b%3D3%26s%3Dma&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxERVU.&hb=true&type=0&af=2&dety=2&gdpr=1
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.166.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-166-75.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
last-modified
Tue, 20 Jul 2021 21:13:00 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
/
stats.bilsyndication.com/pi/ Frame 02D4 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNMBrMUMTw-UKaM-PATT-qqyA-MUYytBeyZyaTRrNBZKRmNKAZPRwNgftdgwostRhNAGATAaUZRrtNRcsokty_orN
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e57b621f4d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
/
px.vliplatform.com/imp/ Frame 02D4 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp/?e=zdNtUMTMrrw-ytPY-PKyt-MMrB-BTAqZUAwtZqYRrNBZKRmNKAZPRwNgftdgwostRhNAGATAaUZRrtNheRlmNKYMbaARdzNwqfftk
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDTBZLLPfBINdKGcEhetdeytZX2i6f7oVnoX0pX7ybcIInk80wkHx3lrSTgf8ZsvrkVRcPkEiDNjXWWPydUWiSrM2ZZ%2B34voZVgCoZgCHvcSDRtTpeBVMNnp3H4Fxtk6A4e48BUXozok%2BV7DJlx6qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e56b8005dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=2132881724039994&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_31&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D1045%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139410797&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=304&adys=1279&adks=2618475401&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H8yXj1U7Sz9lVV0TVLbEdiYJuzvTKIAlvqZMOFY8BnFJ9Gdg-fMr7W2K404coUqRxOfcV0PwjwcDDZiFv62GDFTZQ%2CAGkb-H9w9GzXK7kkaJ7bZkLrUQFq5UIBbRSR9DEeHTAP5Tno-Vfr31b6Jh6sgwgKZl_aNYUF0TmrFRoBgoWyolqCPchE-g&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
2ff416c434af5e274fe51fcd3f0109ffb3d923bcb8c3250dcf313ddb3d11fa5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19008
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNrBMYMreq-BBYB-PKeK-wZwB-YZrPrtAPTqaMRrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tECxw8iNvExapJdqnR%2BUhlmHovfZA8eK3aL9jCUEQ2zcRNTaxAU%2BSa6NwDGUIrxzLcd1VhCwORICsKCFE86DPGprVvTypNim6%2Bmarb3V93TL8phFlhM608NFytsNFNvcvSYyHzLKD%2F2r7G4917rurA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e58bb605dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
track.adform.net/adfscript/ Frame BCF9 		1019 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=N9ZI89eNHLBzbCmn9hzsEqXPP1cI6Xj9-AJtItdp3_SPUl7jYpBQ6tOBIp27BAsiCoNjPqqzB7LpaossgjmWMGC2BK5G3ijuuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CmRkWjfpefYlhDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98081f31a7e5ed4057cbc01c9a5249dfb2c59ab00acf366fe75e96657365b089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
881
expires
-1
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame BCF9 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,58301,55936,57926,55965,56554,55982,55853,55944,58267,55973&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=1&euconsent=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
talon-1.0.31.js
s.yimg.com/ix/ Frame BCF9 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 24 Jul 2021 11:53:24 GMT
x-content-type-options
nosniff
age
11807
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
KyW0OujgLAgxRBW9Uo/JKvUDRelc+LlZcx8MpTpKGhmbsnw9bBAlxC3kH87RXpko9wuLIv9EVYA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
ZG9PBDNQBYVPD080
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adfeedback-1.0.105.js
s.yimg.com/cb/af/ Frame BCF9 		115 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.105.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1c1c2fb8251cd4ed4384912ee1dd9aa7c73528f8410617b565f74b465499e389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1391
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
29784
x-amz-id-2
WvusFdzhuCzHuRg1H6OTZ6YaEPMMnABV6ShMrYWn826IJZ0V/A6OdDqBfZMjAozvZ308kZ5Fk0U=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Apr 2021 17:02:27 GMT
server
ATS
etag
"1f4b16eda01bd9a1738b21511ad5d794-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
DTVM43TJV5Z34E4B
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame BCF9 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770929147&dcn=8a96957d01727298b51a9a3aed860067&posi=1021696&grp=%3F%3F%3F&nl=1627139409763&rts=1627139409717&pix=1&et=1&a=6176d9737a1c4416a36699bb9e827ee9&m=aXAtMTAtMjItMTE4LTExMg..&p=MC4wMDAwMTM3MDY&b=MTMzMjg7MTQzNDt2aWRlb3Nsb3RzLmNvbTs7OzszMmRhM2UzYTE1MmI0YmE4YjcxNTQ4MjdhN2UyNjJhMTsxNTI3NjQ7MTYyNzEzNzAwMTs7MC4wMDAwMTA5NjU7OzA7&uid=epffaa1gfobah%26b%3D3%26s%3Dma&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxERVU.&hb=true&type=0&af=2&dety=2&gdpr=1
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.166.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-166-75.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
last-modified
Tue, 20 Jul 2021 21:13:00 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
/
stats.bilsyndication.com/pi/ Frame BCF9 		0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNKtwUZATY-Baqr-Pwwa-wqeU-tKeBAZeyBKrARrNBZKRmNTAPURwNgftdgwostRhNAGATAaUZRrtNRcsokty_orN
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e59b921f4d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
/
px.vliplatform.com/imp/ Frame BCF9 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp/?e=zdNZyAytUaa-TAqK-PMrU-qyAK-ATeAYYqMqUYyRrNBZKRmNTAPURwNgftdgwostRhNAGATAaUZRrtNheRlmNKYMbaARdzNwqfftk
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiOlRVvhMFrdybHxfzo28TG3xKDgVy9hFQYwFu5QKUUGQexKWUQLW8KAu0nEm8jpKGFcgYaRlQrvg%2FSIjhG9Qd4yH1EF%2FY42JKQtBzg%2Bb3wd9ioUWIh%2Bsr7AIakIFZcUzcUhy3AjWk5NLOJgFuNADg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e59bea05dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame BCF9 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=N9ZI89eNHLBzbCmn9hzsEqXPP1cI6Xj9-AJtItdp3_SPUl7jYpBQ6tOBIp27BAsiCoNjPqqzB7LpaossgjmWMGC2BK5G3ijuuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CmRkWjfpefYlhDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 25 Jul 2021 18:12:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 02D4 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40545708;rtbwp=0.013706;rtbdata=JgKckWrbBA-4U6Y0PtEXjCtZh_JCPRWHw5YCeDw-mkdShRyt6NmXt49n8dFMkYxUcCLdOXc8wkuAAnoBsWUpQlZCddoh0PzjuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CiZWfUZyQ_kehDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 25 Jul 2021 18:12:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=2242989461456522&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_32&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x50%7C300x31%7C300x50&fluid=height&prev_scp=vli_adslot%3D23389%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D320%26hb_height%3D50%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139410906&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=986&adys=489&adks=1566529327&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&psts=AGkb-H8yXj1U7Sz9lVV0TVLbEdiYJuzvTKIAlvqZMOFY8BnFJ9Gdg-fMr7W2K404coUqRxOfcV0PwjwcDDZiFv62GDFTZQ%2CAGkb-H9w9GzXK7kkaJ7bZkLrUQFq5UIBbRSR9DEeHTAP5Tno-Vfr31b6Jh6sgwgKZl_aNYUF0TmrFRoBgoWyolqCPchE-g&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3cf4ec2c9486db2bb547fb336e04528a5e520dc84b34b04e9530810e8771a210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8938
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNeUPMaYUa-Zerw-PqwB-aaeP-TAayBterAqTaRrNBZKRmNYBBMaRrtNheRlmNBYAbZARdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbZA,BAAbBT,BAAbZA,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAYQ8UJhTRMg9Af2533XauyFTXT1v%2BTZWaogQgrzPLRNnua9foqHQO6JM5QllN4LMC%2FjKF8E9WG3c68SiXYX1%2Bjh2ixzQ4DHJmdnqr%2FBSOimNo4fZdPtu6oVKZV9QYRpc3r8xQ6eQHnzTtps%2B3IlEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e62d7005dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
track.adform.net/adfserve/ Frame BCF9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=40545708;rtbwp=0.013706;rtbdata=N9ZI89eNHLBzbCmn9hzsEqXPP1cI6Xj9-AJtItdp3_SPUl7jYpBQ6tOBIp27BAsiCoNjPqqzB7LpaossgjmWMGC2BK5G3ijuuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CmRkWjfpefYlhDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1;js=1;adfxid=1x;7746;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.creaders.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
002a6fa48c585fca7e50e045ce91b80a118b07457b25e1602641fc9a4c2d45d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2159
expires
-1
/
track.adform.net/adfserve/ Frame 02D4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=40545708;rtbwp=0.013706;rtbdata=JgKckWrbBA-4U6Y0PtEXjCtZh_JCPRWHw5YCeDw-mkdShRyt6NmXt49n8dFMkYxUcCLdOXc8wkuAAnoBsWUpQlZCddoh0PzjuD7yEOkKr5Jjs3LzooiWllnzzpzPxjfR54oqJZxkNuTB_YkiJpmMy7N07s_UynuYR0s5TaV5kTmdGrjYQIT0CiZWfUZyQ_kehDDLfCjvmTHy7zA38rb5doW8zpnzZzcbUf_DSaIVUDiNyDcVcmUL1iAEB1QMxnli_5l_899gU4Q8oT4h0yCkGSJvN5QPTs9YQeEimShqzcc1;js=1;adfxid=2x;7813;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.creaders.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
75314311d903d5d7ef64dddb034f7ab809450d8507f1c5f16924d68e3a24abba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2159
expires
-1
/
track.adform.net/jsmetrics/ Frame 02D4 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=27&asset=83&sid=276&rid=10436&cid=42476
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:10 GMT
last-modified
Thu, 11 Apr 2019 08:33:12 GMT
server
nginx
etag
"5caefbc8-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=4220481858540535&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_34&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C336x280%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D23383%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139410980&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=975&adys=2430&adks=3913246529&ucis=e&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&psts=AGkb-H8yXj1U7Sz9lVV0TVLbEdiYJuzvTKIAlvqZMOFY8BnFJ9Gdg-fMr7W2K404coUqRxOfcV0PwjwcDDZiFv62GDFTZQ%2CAGkb-H9w9GzXK7kkaJ7bZkLrUQFq5UIBbRSR9DEeHTAP5Tno-Vfr31b6Jh6sgwgKZl_aNYUF0TmrFRoBgoWyolqCPchE-g&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=4&ohw=1024&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9489961d15c685237a3987206533b9d49bdfce9ca6fc67e3a48c2d37267a5fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNMtZtYAUe-KAKq-PTYy-qAeA-qtwBKqwBKUrYRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRXKrssmGwe5fgw3pwineIPp%2Bs5orOje6UKqM5qKZ9i3Gmf50slcjsFy40at7Qgd7zOk9h%2FtloaN4YR8EK7ibFpktEGaMRSGMVV%2BEBsO9Nb0Ucq%2B5wcrG749fNt0rKINA5FJpk7L2mIThOWNfuvgKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e6abb54de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312565456669887&correlator=1462693110643787&output=ldjh&impl=fifs&eid=31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210724&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_33&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C468x60%7C1024x90&fluid=height&prev_scp=vli_adslot%3D7050%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D1024%26hb_height%3D90%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627139331&dt=1627139411003&dlt=1627139408008&idt=1130&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=2066&adks=1477030071&ucis=f&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x-1&msz=1024x-1&psts=AGkb-H8yXj1U7Sz9lVV0TVLbEdiYJuzvTKIAlvqZMOFY8BnFJ9Gdg-fMr7W2K404coUqRxOfcV0PwjwcDDZiFv62GDFTZQ%2CAGkb-H9w9GzXK7kkaJ7bZkLrUQFq5UIBbRSR9DEeHTAP5Tno-Vfr31b6Jh6sgwgKZl_aNYUF0TmrFRoBgoWyolqCPchE-g&ga_vid=1620888283.1627139409&ga_sid=1627139410&ga_hid=675223720&ga_fc=false&fws=0&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
92c900b26f9601f203bf6ee859b4fc0aee6c57752a6337cbf0050c06035139ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11696
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.creaders.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNParPtZMr-aUeP-PtAM-aUBe-KywrMAqrPayqRrNBZKRmNKAZARrtNheRlmNTAYPbaARdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaA,PUMbUA,TAYPbaA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh%2F25ai1Vy2%2BGuHPHvaQNz8kruaM6flvkJpBDtdq5111IoufwU7bwxf0lZ3QQkfM%2BepBehlDcIUZFnp2R1n8qJXMg4WTfr9GsyYJeKvPwTqLq5QW1moJWZQTZdYmJrXu4UrQAVt%2FRyA36DU0ZILWtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e6cc0a4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/2gSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame BCF9 		84 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/2gSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
81de6ebae506642942c5be4b7242bb0eb6a9d12a1ddf38df505fe553a4cad7de

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 25 Jul 2021 18:30:15 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/2gSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 02D4 		84 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/2gSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
81de6ebae506642942c5be4b7242bb0eb6a9d12a1ddf38df505fe553a4cad7de

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 25 Jul 2021 18:30:15 GMT
/
track.adform.net/csimpr/ Frame BCF9 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=40545708&csi=bezbxLmueplxSOdl13vOjCCnAOtbcWKl-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41371955.jpg
s1.adform.net/Banners/41371955/ Frame BCF9 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41371955/41371955.jpg?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
last-modified
Sat, 24 Oct 2020 14:09:47 GMT
server
nginx
etag
"5f9435ab-c4ac"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
50348
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame E229 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
424873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E229 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
424873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E229 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
424873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E229 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
424873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E229 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
424873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/amphtml-china-available
date
Mon, 19 Jul 2021 17:08:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
etag
"6d4edf2414c2591f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
css
fonts.googleapis.com/ Frame E229 		6 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Jul 2021 13:49:36 GMT
server
ESF
date
Sat, 24 Jul 2021 15:10:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Jul 2021 15:10:11 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/16545277483487659486/ Frame E229 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16545277483487659486/6592766407814317453
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0547a98cb218fc60f0468504673281defe0a8e794d0dc697b3fd3aa8786cf091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 15:00:47 GMT
x-content-type-options
nosniff
age
259764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26378
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 10:29:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jul 2022 15:00:47 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7833109229940213301/ Frame E229 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7833109229940213301/downsize_200k_v1?w=100&h=100
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffe839fa9ddba3384c1ea233c110f316e8782763cbed787735cc6f747fbbae30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 15:00:28 GMT
x-content-type-options
nosniff
age
259783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1131
x-xss-protection
0
last-modified
Mon, 13 Jan 2020 08:12:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jul 2022 15:00:28 GMT
truncated
/ Frame E229 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E229 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3057e4797ae51dec49204b6ef7c9e99e8d1af52d8173ae4a88c6ba1aa9d26021

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E229 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E229 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
l
www.google.com/ads/measurement/ Frame E229 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-pGPJcnA_9DO5rxG0iJhb47qb8hvZx4c9JpxZLTkJZDTavqBqrmeuk6VjDL1yyE9vTdW3eq8zFJj53z0z9Xuq7JWlJQ
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E229 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9h2-US38YJWWLIiOrATjybroD-_Sg91j3ZiA8v0N3NkeEAEguMOVAmCVAqABx6-c3QPIAQmpAjXhxKEswLM-4AIAqAMByAMKqgT1AU_QINCdh6GJ_j7nyJk2qPWoqpqOVjfoXlAWEIbuulnugh4c0xe3AVph1W664h03qVibyPrW-almqpknEpz59cBkKmCBR7yCsARIVxbIVeuhqg84CgsQJ1b8UxvT6gM3KYvHAOwWOUgpGoZ3KxCQXVey-TsVa_MVPSCb6FHqFX1eeUWFJppOjX3cwkusfLQb1-_ctA_7cvIii_hkwc2r3ycIQ5TotIF2YdHr9UyGgRBvZN1YbO1r0dmHgS6q2f47ayaXJ9nnjgy7xXo9Hkzr8n0DG-MM8AYkVUENBDjpHF6GszNVDdRYE10LtUS-PV6OxL4qIz6twATYmdmHwwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHodDjIqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDFsQPSCAkIiOGAEBABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjkwNjQ3NjY3ODYzMDgyNg&sigh=dFt_LGcsVJM&template_id=484
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
biltag.bilsyndication.com/passback/ Frame AAE9 		195 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/passback/?t=1627126497&d=357&z=23383&divID=vi_35723383_836&w=336&h=280
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8e7a24d39696f203b4eaf83f0cb2539eac81422bd5533cf62eb44f7e8005ae
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
673e12e7dec11f4d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.bilsyndication.com/pi/ Frame AAE9 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNMZPArZZa-AtZy-Peyt-aTyY-BKYeyZZTYrBZRzNhqllwqe0RrNBZKRmNYBBMBRrtNRcsokty_orN
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627126497/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e7de3a4e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ Frame AF63 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=11&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aQBCAUABAAAAAC~&jid=770764183&gjid=864130907&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&_r=1&gtm=2ou7l1&z=629344426
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E229 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
357010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E229 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
393890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BAF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=12&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=152media_creaders.net_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=creaders.net&cm=152media&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=444338088
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6624
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame BD28 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame BD28 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame BD28 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame BD28 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame BD28 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
css
fonts.googleapis.com/ Frame BD28 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Jul 2021 13:45:21 GMT
server
ESF
date
Sat, 24 Jul 2021 15:10:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Jul 2021 15:10:11 GMT
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD28 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD28 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/16545277483487659486/ Frame BD28 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16545277483487659486/2076313506083323656
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30bac5de5f75d80fd36bc2dd14b3f50b34b2085d35b3d442eff954eab0f314d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 06:00:49 GMT
x-content-type-options
nosniff
age
378562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29083
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 10:29:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 06:00:49 GMT
truncated
/ Frame BD28 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
351a745c10af52d961465031b81e91d084e19db1730aedc23b2a6ae125e722ce

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BD28 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
697241f0613aba33ce129179e734f16240c0079a7ccca812ea7524d0f739bdbb

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BD6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame F977 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT0A26Icf1KuaU2SY4QDfnh0RzMtAqv3H9AWrZ3U3zDAiRWKj5NxgTOLRPlxJvSm5C5Fq1Wi0Sjef3La63bM4EHPP7Qweb7cVhVD5Hl1yU0NSJul0N_lB-CTXWokqW8xTF-GiuPdneqADSLxsdyq4Vg8sSB7e_tBmokOE8f9tr7W5T4T_cvgshmJXXDhhVN3ukGJGgL-YZBXtk_tS3UzM8NQ-Vk9XGNljYWjpbw4vKa09C109hyz0KGLh9zynjL-jmn--Dl2evR3DHXZbiJuqzENJus0Px2uhmWeLENmlndsqLBmwQXtqtUCex8lFy1V6SzpMBkmyynhT73Bg&sai=AMfl-YRdQmvNMD_q8mI_v12TKnRR6xJK1F9Qg8hkCm7_HBncUHi_UVAEiM4ImB8pH3AFVQ3m0MU8fTpiHRKRLu9SMR_FSSxdFqC39F2MQiqinwf7B7wNjyDybwoW35WeLGym&sig=Cg0ArKJSzJx2Qzv8ee3pEAE&urlfix=1&adurl=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
spt
tg1.selectmedia.asia/api/adserver/ Frame F977 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
26f1a57969d05fecb478ee217d9081b71f9d35edb845543a614526b2774c77b0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4586
Expires
Sat, 24 Jul 2021 15:15:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F977 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:11 GMT
l
www.google.com/ads/measurement/ Frame BD28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ-lH1yvCIqVnaJFt3XgH4QNyrmndLBnCE243uG3rKuHOzhSdr16NmNeXBPUtLD5CJh7mCQXE0m2CrrOq9Rzo13uwVSA
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BD28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWSTDUS38YJaWLIiOrATjybroD-_Sg91j3ZiA8v0N3NkeEAEguMOVAmCVAqABx6-c3QPIAQmpAjXhxKEswLM-4AIAqAMByAMKqgT9AU_QG__noUu4A8xbfExrzVTc5hvozvke_z3_u4pvDhImvrLCAW3XqSsKGxVV1vocmGKvezjA0J1SG2M2ZWJ6k89H4BxAUJsBjauQBgRhasl2fT-mPenXCCcF3oyeoevmR71TfgsBfVTOldp5IntvqVamsh5MrKbxHLEmB-vde13yGtt76cdY5WpD2d4ZyrcVaL98Cc784ITY8pNmgb1PhTDKlgbGVbH-wqB3TYWlpSyTcBUbnyvJhozEiUmrdOLiDYeIzJroJAAcONczCxUL62aXgnFgaAlq9wkzzxcS9jQN4iMlXkSx4y2PdZkH2NVV6Z80nVjDNdY2H-W8wMDABNiZ2YfDAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeh0OMiqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELXZLtIICQiI4YAQEAEYHYAKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02OTA2NDc2Njc4NjMwODI2&sigh=iburC4EM8qA&template_id=484
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BD28 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
357010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BD28 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
393890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022107130206000/ Frame CE4C 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfe67e924ac653a908db8fbf0a22d657ea0b46a6aad9ad00cc1b6e1d7bada88d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
324088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55151
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"242da2d233c5bab0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame CE4C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
324088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame CE4C 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
324088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame CE4C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
324088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame CE4C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
324088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
css
fonts.googleapis.com/ Frame CE4C 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Jul 2021 15:09:30 GMT
server
ESF
date
Sat, 24 Jul 2021 15:10:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Jul 2021 15:10:11 GMT
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CE4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CE4C 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
truncated
/ Frame CE4C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f322b51bcc64a9861ae5b2803f18664b14a04b65085abcd6b3cdd15f65d78f0a

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame CE4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUOoUUy38YNbfAqePjuwPnt2auAzW68WxYtah9NfOBrCQHxABIPW6rWlglQKgAYKY_eADyAEBqQI14cShLMCzPuACAKgDAcgDCqoE4wFP0G5T-IYhFN_RR4cNWUevf_QAd3BmpWcoLT-ctJtHbcCDtQMeUaPUmvdUKL8eegbskTUm8il0L3sK4IaqCE-VW8gJ_A4mrU5rBt_nWalQI84x5SNG157GaV_3GIb1l8I2nVlEi8PlcCbBJr4te13x9jFldW-cNa4Puieq_U9vERdu2uWVOgFwtCwRBkumQt53KvxXrM9D9BS_4jeUH7grLH9jPfuTtyYDIqKR1zdy8Z2HPITSYD4h__BlSyYv-4vHvuHlf-QpcA1XKKoz4UJ9sw-cwnmiCaAtyYqsrzs7bP3sd8AE2NP6i8MB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBlGAB7nx_CWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzOTIwNTEzMjY3Njk0NjaACgPICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItMzk2MDA5NTcwOTkzMDEzNA&sigh=TKk-rJ7LAyE
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=13&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=152media_creaders.net_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=creaders.net&cm=152media&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=1332831096
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6624
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1714 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 15:10:09 GMT
expires
Sun, 24 Jul 2022 15:10:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ Frame AF63 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1567841897&t=pageview&_s=14&dl=https%3A%2F%2Fwww.creaders.net%2F&ul=en-us&de=UTF-8&dt=152media_creaders.net_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=creaders.net&cm=152media&cc=Default&_utma=77545162.1620888283.1627139409.1627139409.1627139409.1&_utmz=77545162.1627139409.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=1620888283.1627139409&tid=UA-128776493-30&_gid=1332747029.1627139410&gtm=2ou7l1&z=795386652
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 13:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6624
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
41371955.jpg
s1.adform.net/Banners/41371955/ Frame 02D4 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41371955/41371955.jpg?bv=2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/2gSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
last-modified
Sat, 24 Oct 2020 14:09:47 GMT
server
nginx
etag
"5f9435ab-c4ac"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
50348
/
track.adform.net/csimpr/ Frame 02D4 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=40545708&csi=-yZ8gCTdwoF95_uLHgFOH_zic0ccAZ1o-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:10:11 GMT
truncated
/ Frame F977 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b8588ea60d7b61e4a34d0540ec30b96f6e045014e754e652502dad337c15d08

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CE4C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 02:22:18 GMT
x-content-type-options
nosniff
age
391673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 02:22:18 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CE4C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.creaders.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 13:46:22 GMT
x-content-type-options
nosniff
age
350629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 13:46:22 GMT
/
px.vliplatform.com/ipv/ 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/ipv/?e=zdNaaUtqUTe-PrMA-Pert-aaAw-ZTqBUByTtwUBRrNBZKRmNYBBMaRrtNheRlmNBYAbZARdzNwqfftk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B9e5pFZyreBg0%2Bka564lxiLTRT0HMlBE1%2Fj8Q%2Bud3nmObub3VKYGfpxehEyuczC0G7JADRUmJZVfFtskq5ZjY9GsbafVyL4JtAv9McwfMjnwXFB4mYcqNatBsXiHzjU6WNRP9xBCRCQbhT1pPPHug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
673e12e9fb114de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E229 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E229 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2823 		624 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkwtbteyuZYxhxWvDEMynS2LSBh9wifkJGhkYHrupWXdx1LMwlYePkd0YfrbzA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Jul 2021 15:10:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame BAF1 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT9CaxjO-z3PewRnC6EWjA36JFry4g4zrmhXentoAKUywCpkbaHUouRKFq7F14VP3YLf_qh3jKNe1sNLzmrgrbeIfImbqlCjEwtT7QTQ9fo7gWgy2satsMBqdqSgN4a-X4cr6omweFjBhDPqETRPSC-Ab_hA&dbm_d=AKAmf-D8tgPByJ631X6FCGrsAY6YULhHlF1HbSEGWLurziLmXZ-k92svvAYeWsyOw28IKdO-OwxnvrjdNIwU3mTEIxuGp8XsUIQZrE8W5PEuvyQs5haQ9x8R7wQf1cXodxnlr8Wy6DRd7Fs9Ol73qDwrLYFaCNyHhBIxklvOHtybBV7geSkKpbuMbnn-1ZamQzr-j5ObWSqTNPezinInBxmHzMSqn3S-c-eocMabqUKiF5wjXXd5zwbwimZTHdsal1oy9AC39p-M3_lj_ubP86izs2em66jEh_Ecp5vYlXx19B7_iDuNZI7f1gQBBu5M_MUhZwPSSeAkgFbJN1sYZjaBC6ATIsB4qS53JMS35Lrfw_KGjjNZzbzaWOJFLeQokLh3NILxDKi2Ur0g74lwxnexqFwBZBDdFjFsiDPXp-PvF_p3IBWM2Z4Vs59jSZA7nJOtCmsQntOSdNlic2S_AYTDHKfY8W3UI9_21i8ZkdbAuJF7Boz-QgBSo-_pWv9ZX8_os5TNcSgENH5N5zUi-R1cYVC2aRH1h_h_iuj8fkiZdfUSKeoFem0BCNLcOAsu1FCt7bUkeoMejA5ysD1zx6H0qAaOKYnYcSeKEmTmfb9Ggc6xuGxyxwmKQvxQvWYkJCm_JFzGNf9xQrsrZDPXklwDpw26R7ifDJfKvsOF9aVPESsXAyI5M-NaZBcutxLcaaGpRxj4UIyyWI1wU0bZol-FJBmguAkUIKDULMUJLb8pgydxrT0twTSvQvuIeHD7t-ra9EVt2htHQAg7YrnTsAap6MEzUGyyZAYWQRdZSM6LVsJNbB9wjQ9BRFHziApxIW8vGGpgJ7NmfrShUR2Z0X6Mb8eCVDHHVNXARy-iY4m947rIk1wx1qhZBwrCg-H30vSakn6DbeblrC4F2rbPnDeSXP3yQWmCzS42WBce4IsJEZZxb5AjoH5JHzYbCkSg3vOdUVICXadCVIXGrTlcabGN-6dYr8htdm2rFVjbYg_CYkBLDOx37HwAhMvomM9vMEHWSNWXYRIsssY01wsVPAX-b25JiKaY82cnUlB2luvoGwyGfSP3OO3W9bNS5WZ8oixnOYErpbJbcC2pBVOiU2PkcCH897V96uu3LN9kwHMg5HDhbhFf0AL3O5eVOuQD4_FRf69bEOhXfQRbDE2w0dmuUJ6VpP-eWhvuKPzAkILqdwTcss8PKE-htlUIbIeUV1qr3Vi8cE__xSVIZuwnR6kAz28J5yaIzgarsXx5DwXSgg4o43EFcBqt2GDf2oWLByUL9HhQNe5frkeD9hzg3DDS6sz9Aq94qJyQ8UrS-zhiqKjCr6-S1IcmNgDPzxaohnjE7kVaDsTEfx6bR3hbtbzLrHt_3owt-oQ9SQCmrvmSjKAwX0HKi3iNLoR2QDPYBkpCKcE2KghtDA9L9Urv_Z3urQJTBBoHW14XsEMsZuA6m2qwV52Wsi4cdtw045RDkSV_mo1CiTSPM0IMz143JSpyFAUMhP032SuTi6_lCI-taANxgfhuGMiCXSWMot2kf3ho9VW_quVb2eojH7a1Wf-TNzmnPAnC0eqkNDcIu_-ZuJUBLMq5QTLbjB8IcBRRWUM5okypNn3gVFZA1IJSQhO653WmO1UqOfPYT_rkr8YlI17O3OkiMr7anFggUJ5U1vtS3wSYJgsBz6k6p6T64VkdeCHlVrDj8D9pTRPpsvG5UQ2I3FxFDLuPU_faZ1_z7OQBnxRrv1YZRskaAhQhGSBdIoksLY2OS63QSqN7DQdoQbGHYyVc3-fNyGQgc5hd359fJ606zGWWosIS9NC-YgyyRfx54ZwKGKd7hvcbi3d7I8Ngb9fiT2Oahqa4ioimx6ilNT8CsNKQbyiI0Rq-OAvbbSqVz3Pst_roqBkK6zLMlTlhPKF9RfxZGzOyt1S9ltyVvJrQXtGzNnOw3PyhMt05_5YImaJeDxxy3idOz4auArgEcT930j7dy3E-zhzXFvrrk6Q3pKdzlHl9zDXBWfycCZ7057IDiReZRnQdo2_SxnxBMlF48EZyLQdXjHS_ggvAG2iQ7EasGB9uUoQ-CyxIGsbNtCcbhy3QI2Bc240PdsAKdQ-eKTCy3hF0P4pjmb7TVLKaEksY-sYthG5i77ss-cIFBTVouaGEVUJ9y8yYCmjic3j6lc45gl7lGedBa1jwRs3Zt8VXwfQuir6i5BkpvcARJZp4McrluZH05HniMv9oi844S5ZoV0kR0S9Y2IsMajDz59_5LpLkUvJPgI9LMjIuiS2p3m3jOmJoEGYnbjsobD2uMrZNL_8gOO_hUVm8ULzwEnw23s7jyxXFGobrmr04q-M_p72bfARh1NR6XVw9VUTqemt96kXKDJiZTpQtaTn33Zll0tGXWc0z6UJuV3RVZfJNKrFBS2z_Dv6f32dRrG-NE4pN7pZU2ppReuntSr7__ITerMSuEsPxBTHzGo_sAWO05erdVJY0IfMl6Hs5-56BEsinkHHVfi1wSFyPu0hQHr1w3vQ85iMtBuSBNtSgGR9HI_jT428ySS0Da2ZqUpxSr4LU3TFucW36NdXOr-wKnGHkN7AVmF4Qm0J4MOTDCk3_9k8WQf-94974oGT22dba3-oGQZ4Dh94hrgBGOl1fhKqSochyp4WX_GFhXiIuRLbyHr1pFf41EstKkBMobc-bVw5nDfM6MaxzeETZPscEm-yNJXwjJUKAa5mm11xsdPlnsyNett768MfLbHol-ur1wSu5VPMWU2ybjlT9QfH5QtYqKd_Toy-Be7iDRgj3KrFWpUsR5wGQashB5cjnOnJvR9oYz2GewSuynwaLcoUVCYt6nx6b7pP4HLmqN38qTAvMcOiPlC7M6SZMSB5cwsQeAps9WmNSLiFRdSR5rMG_N9zGrejS1gwnunzhhuixvPOrEe9MN5rotoDZ3a_lpyGJhlHbb4lD4RH2DJLhCNsF1WGbgqNdP9ambJh3Vdh6i1b2YrwkTvPeEaOWkTW5qZMVlb85-FL7xOVRIIQk9yWCQfZJUrARQvfh6DQyouxAm2KljRilf5uwihhQLUHqtVIHSOV17W427kNFTDyptPtQr10dREBWHUjyWAoRY5U0ZhNhWw1lRoSsb5APHU6cZI_7PUz3OLb4qDB8yo_ATr-Y25eEeaXeTXCnrZF2e98x3_JlAw&cid=CAASEuRoXY2D-A-ohf-B5HTbyJIDgg&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d15a8a6c43c9e3dbb8ba5f023fd8c42b3cc7fec078e48f80b7f1c1dc4d78bb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BAF1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZ1F1l-cOdfkRBkxwGMPph6hlcEGXJYlagH84E_MjMFtUCGdr7jyrr7QEp3lmbOwwXPf-lG64ukbX-nfb1hFWVRAldB3C_FVBm1uCDChyql1Gi4wQ
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame BAF1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:09:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BAF1 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame BAF1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:02:39 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B0BA 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkwtbteyuZYxhxWvDEMynS2LSBh9wifkJGhkYHrupWXdx1LMwlYePkd0YfrbzA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Jul 2021 15:10:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2BD6 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN93kCMk6ulSdWl9a7MqQOq1IBkAZmQNGr19lrfHBkobBEs3Hky9ZnoQHU7DLVOWTOaFFm5W9hSco0BEGfWjM8m0FKbqA5IWRcp4bGVIJ_qSP_kLyjKNMRwiiL_EP4qIg2ZkVZbdo8AKkRnfRyxS7BHYsUlw&dbm_d=AKAmf-ASo0hSG-Epd6iVxm0CTOz3lZDECr8x-TXbjgFgsqi6wHdBDOPbtrJ80NLZqjMCt2cHIKJymYTpWMM5DWCfFQxKMfKiKm_rqXHk7OYqLpeNLb5Ymv0SepV8v3T0sRJuKer23sFz9FbIOJbg_cbDjs-Yu-EnF9TAsxDr7a5jE735fS6T8KyHVcpL_yGqNnEripX8ElvtCJx2xs2D8vi0alq42xJuU4fmpbu-rgbVM_Q58lUI_nELsqr9m95ptCCNCyTiVpgPVGHvogtmnXxJKmaLazF87jYMgF6hAmLda_0Ehm3waqLQlKe4bDQhnZHPfPqX7VcRu8_NHA7FF-5sORLcp_yF09vsB_N3ZsrQBxlbHSphQTKn_5SjUAr_j5lnQ5W1gq1sHiCxGoOv-BWhZ8fIuHpqFoR_jjxkOTI5Kf2XH6xHGdQ2Y_yKWIxlTCkgPSJKNJ5mI3vpoyqrSGKPwIWYlQuWfBLLXE1V0opyToC2LA8p173VlyQ4U6tnsGNfiqksUFsct8HZWgMjIpN98_X0Bt01o_r6jwoRdtyuU10r9VGTllZKjvER83BfzyWX2HxEpvYO4gyOuzR1A3JfaCCuXo5_y8A8snlM4CwMD212pXk0nXAZ-RW0MAk3RlLx_vDYq3TDHq4vorzy2CNt9oA01Q9HWoaT22OGehHHVhyKZASRF15taZR28SHlwgEpUr4VXeVEJxPuGb9b45ORx_NP724e_6BrmDGXbj6tPTRp_Bg-brsqDYsfhHOrbVFbsMgURo5yyIe4cDcYkzvTzgmw03P6FdA4Pi5C7DcoTQ257V_L7mNLEP7d-Vrr5lERICgnbyLLd-JnEhFUtOK10slNl8eToZbUmorWJlbEgEuGYFL8PFsEuPbEVW_e2pIrabYTO71RrBAJh7G61XcOtlT8GKPfZowE8O8yl4DKIAn9_GB8KB2X6aLdseQMFj1-mX7_1Sa6raiP0mStINTu5AEBf-BgPufnEb_r20AswRkuXgenIYk7f88SwanDkOdGYtnvvLBsKGhFL6lDyg7NYljxAqgOSRJXJcJM7yWMQnWEuh7Rpg4diVpkaF9zkPoDeoc7vRM0P-uT7aDAmz6Ns-LKk_vNDitJWTzlW_47q0HkudMwGSUWaR1ujtgbTt2zpKFvlxlUsUlMEx1eMysbJtWQ-v4jeJ1Q9JqRYc2ed52j5Ja7LPtVdWtb3oJrk4lh8a6lYTkikKnXvzPstT_d1ZUlf0hFG2OQkZIlOV5CxcC6fGSAc3o1aRpn9_hiC4KLc_OqogAgX0WmqNqgkI3Mhm7l4QnOREI1LVadKbmD9wWFIQgMvQtSk_u2s2gap1TEJRJKyIm1P9OLUxW-kMJrHvRvLbmJBgc5yDLLZyrotS1VvPQ3fulTWgjWKpCBvtZg1wJUQ6c7ILo7kcaLJKBca_582tudsk6SM_5OSepI3zPQlakWYw9UfNeuhj-__qHU81ruFlNXqNSs6VOaTc-1uA2aXJUC_JQAU8fMBkBv8b4qk4SV6moKzDJ8wE522RJvbtIIGTAj9coM4kNuTvtMDZ4EKqn_e_BE7PNdOU9VBHghavinbTye57FfPuoGRJxKla6zbjkn73968zegtYzkp9zkd_3TPu5dm2p3MrNqPMYtrNrZ5KbxgL_7PMQGjKglKr9Nd9sEvIcLb4C4SmY2IRyDRCXv0thH5iUgtq22M1TX-HRipM_vE_mQRdZfg405AcXwu3uGMrgU2aCTVBpzI4ZDvurqNbzm5sPTpZJgCEQYfgIQ2fN7Kn6iHlV41ZKq7sHqPuRFwMtvOvWQjsTRuknpFAZQiPZfHu0fHchNPOUzhLZaqdreBNhaAKZg1Kk2xpkoqdf0KkZL2_WpiucMEfxRQ1EIM7tQ6torh_y1t41IJ2tvO23yq1gxoRYED2fAZA_UJS96CPKYWi_ihoo8zM95ZOF5zW9gACkTq5A0LPgfw-tFvexvm706iHUy_H6v40lhSZr5nm7QVnnUcIhtHbLOiZ9Hx3PMQqxIc9pd2yhCwcMf1NXxJdFJO3p3Gt4t1W0KkDdo4RL1hyRRz6XV0BEykpOJxoFUkK7ezv4-shnccQtsAiC9z7qX57QAYZKSulFRrbslHYJn8cXZtsC6hbTU6lP-_MOnT3P-Kch5Bhh7TGcUQjax3-5U8AtM0kyQWuvp6nyofSuaiWHdDXmcm6cOuFx6bfcNHkMSfm7Hvx6jeJ0Fa5qieTCPa02vgrGdJxkzJASXTMknEiUbmpOgHHlr-TgB0Xs5TGbcbMW8rDpDt6rup0rBS8kAhBm1DvM5NehuFNE0Y4zml4wkuDNn-TpsqGr3BeBG8c1f0hHXP-J7xreK-nSLLBfFdsy_nG-wfuTys8dduQuVEz6iMdo1ghPvUrefR-t-Y2goqN4tolafokG3Wz7PHqvWTENJ4ldHlvLWRSlMU8mOKCLl11GlBMQ6RzuLG9VED63dD_u9qHyg68mP8NLSvSfDCIEp_uzuBbQ4lbgd7yvA_Sy7kKkqUT3lcC5Y57EHN4nHPIU1Ah6FOVxpzJnuJprYJh7SVyQDH3QGj_Mz0H0eUCdsgaMOKHJCdFb_5P3vukkt5dRdAQmdN6zPszuhx4clzeapCLjcCwFRlUAEIktsv9pfuPbsGi7Poh6zAWYSf7XToLa93_1P70TeozsCvDXoonIdMqPvL1gtRQubN77Pd4kEEXQOIQGwn3gn7ugck3adEGe_kp0bOOhXpKGIyQUHNdxm1qjFahq7OrBinW1ctRikWpbOLlEU9TbXSMIlHJiD5AsABFKlA604i1c2c8Gz6j_wpPZFuPKSwEe0DAQeSJn9V53a1XyfjCbNvVmWD-C8Y9x1s4x65XbMGSVcjIw43m8LqBPoeIO77OWSqVlc92hUJBQgMfV-La-RutrBflCXv1RsGYWuoTCko3gbRYla8I3bqZ2LtSoxCaxyEza5CMT3GN-_3guicY2jp-02wXQkgrx5Sv-2lv9Cv454RELYtGHX8u6CYTUsnO4uqg8uYrLOrzdmdqYfkTAIgIvFls5Rxk5vomOlK_Gja96oJb6V3pdeU49XJluCivoI9-hYrSn6G7xxxtjSt7KxK9en8ckg_I_X63L1VZ4DduxW66Efw_jrIT4joEwee3bW5N7sqz39PAted_0-g4yw39iRbHVyo6i1Aa2o49Yql7U&cid=CAASFeRoS3wdGW4KrpPZMocFysr7TZgRmQ&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cb972406dc51d45d861b71f045404cec3a7b6b130c535b4aebc2c410b7f8e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BD6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQNqP3PctU33L79CV6T4XCiJQ60CkmrFwo-zgReqti3_cJwrHEmJctgWR7SvFP-LVm7bS8zkwSLr0EZvQeJBYIkh5nsIiYGwDDvHRcTnViB858Icg
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2BD6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:09:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BD6 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2BD6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:02:39 GMT
l
www.google.com/ads/measurement/ Frame 2BD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCsiUzRT54pJJGNhhHVUV2aLgn9dUz7zNUwDDunl7xmQQ2fjdD6UFBujgLX2NY5yOrAO0zzPFC-ivhugfwngmpLXaEbw
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
player.js
player.selectmedia.asia/script/6.1/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/player.js
Requested by
Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dd0e6397ead8f6f8b6eeafd05f38909bb27b1f3a5c7b902bc902ee704852a9dd

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:11 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdtIJ7iiDkyYqDTqJA6wiJmQn046HDV2WXtyoHUK-4kHvjFndMttx7Espdyr_6b1Z_ZlDHFji4mROeABYszaXKh7HPogCQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
9181
Last-Modified
Tue, 20 Jul 2021 10:53:12 GMT
Server
UploadServer
ETag
"0a38dc7f668d324bc2783eef6143f541"
Vary
Accept-Encoding
x-goog-hash
crc32c=FGuqCg==, md5=Cjjcf2aNMkvCeD7vYUP1QQ==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1626778392567457
Access-Control-Expose-Headers
Content-Type
Cache-Control
no-transform, max-age=300
x-goog-stored-content-length
9181
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sat, 24 Jul 2021 15:15:11 GMT
track
track1.aniview.com/ Frame F977 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5c5bf265073ef44dbb3483fb&cid=60c21a7dd47c7876191f3a27&cb=1627139411553&r=www.creaders.net&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&e=playerLoaded
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ts336x280.gif
www.creaders.net/ads/banners/ts/ Frame AAE9 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/ads/banners/ts/ts336x280.gif
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.48.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-48-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fb84ccee7e98b50c4725b5cf6b7df76b5382ef6af815ec403d9c95365c1d1e41

Request headers

:path
/ads/banners/ts/ts336x280.gif
pragma
no-cache
cookie
_gat_gtag_UA_128776493_30=1; __gads=ID=573251076d2b44a3:T=1627139410:S=ALNI_MZ0aVuBmTbllcFYsDZCpTcqSLlh_Q
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.creaders.net
referer
https://www.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
last-modified
Fri, 14 May 2021 07:57:09 GMT
server
Apache
accept-ranges
bytes
etag
"100aea-5c24597363f40"
content-length
1051370
content-type
image/gif
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD28 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD28 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CE4C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1714 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Jul 2021 14:26:50 GMT
server
ESF
date
Sat, 24 Jul 2021 15:10:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Jul 2021 15:10:11 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 1714 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:04:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1714 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct-BmUi38YKSZM72HjuwPyJC3yATtlcLaY96xwa2AC9zHkoyuGhABIPW6rWlglQKgAcyP99MDyAEJqQI14cShLMCzPuACAKgDAcgDmwSqBOkBT9CuduwtqEveJOCoa8sxR8JM1IxHcfhp29IsGeGmsz2va3qgyZZ0_rD0gjwKqawK2p03UnKLmahv15nYJtsla31HYeffw3ZYSZV1g0I9wK6eoUoW0FcxLPJsF_qYPbLCWXR_W17aJJEoBW2oc0ZGxqb6vyW79BrqC5DOhMIpdl63PMl5shu_dOhrq8rQQlkR4J5y2v7Q3y9rYpo197OtiW3XLRhWdeY2laZaDggsVdpyCGoygWiF2JKvrXAA-N9zP_dJQqjNZI7ks9Yc-7BuMFTuVhwYdGJpGMqyuXtNd_ZBLIjKPlxq5vXABKzt998-4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5zwiCyoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcDEI1x0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MzkyMDUxMzI2NzY5NDY2gAoDyAsB2BMNiBQF0BUBmBYBgBcBshcaChgIABIUcHViLTM5NjAwOTU3MDk5MzAxMzQ&sigh=ivzuu81HYQU&template_id=494
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 1714 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:09:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 1714 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:09:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1714 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 1714 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:02:39 GMT
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 1714 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 22 Oct 2021 13:52:36 GMT
zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CE4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
39968
etag
12051390396603846657
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
expires
Sun, 25 Jul 2021 04:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CE4C 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
59386
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Jul 2021 22:40:25 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1714 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS1ETiJTJd8J70PnODzCaJca3DHpd2AUgbaTmc7ziBdzx2LdEBNG4ZIq1OoEcw&usqp=CAI
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5879a6975321f9889e11f2e7df15af36a5f15cc3bdeb6766c16a695df787cb53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 07:22:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Feb 2019 23:11:33 GMT
server
sffe
age
287258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19111
x-xss-protection
0
expires
Thu, 21 Jul 2022 07:22:33 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 1714 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRAxwnHZxs9Ln5Nr2Of6pyCHrDH26lp7ibE8ZEnF09gx4tLI9uCHZXMQBTcQg&usqp=CAI
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10beb873ddc2cc683bdbad94b7c7b45d74a027839a3d873f6d02426d60504ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:50:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Mar 2021 11:38:04 GMT
server
sffe
age
411556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27244
x-xss-protection
0
expires
Tue, 19 Jul 2022 20:50:55 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1714 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcShlCmS8Uvhto25PVB0AyoRslB7nn5QUVjqW3zCElnEcd7x4Hic1-c3SKKD0g&usqp=CAI
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26281de9d9ef67a4eac7eb0100f56b1ed24999558bf8660280c008a5f2a886d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 15:38:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 07:18:34 GMT
server
sffe
age
343930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33078
x-xss-protection
0
expires
Wed, 20 Jul 2022 15:38:01 GMT
16718395175647122093
tpc.googlesyndication.com/simgad/ Frame 1714
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDLtpTtQBDeAhjeAjII0goevw9MXWY
  • https://tpc.googlesyndication.com/simgad/16718395175647122093
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16718395175647122093
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b96b92f6bdbe9e386407a0f6fd461a40593a4c9d786b2a7fcec8f69049c508ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 03:01:09 GMT
x-content-type-options
nosniff
age
389342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33124
x-xss-protection
0
last-modified
Wed, 27 Feb 2019 07:50:26 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 03:01:09 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 00:00:05 GMT
x-content-type-options
nosniff
server
cafe
age
54606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16718395175647122093
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 00:00:05 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame BAF1 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 00:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 00:44:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame BAF1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT9CaxjO-z3PewRnC6EWjA36JFry4g4zrmhXentoAKUywCpkbaHUouRKFq7F14VP3YLf_qh3jKNe1sNLzmrgrbeIfImbqlCjEwtT7QTQ9fo7gWgy2satsMBqdqSgN4a-X4cr6omweFjBhDPqETRPSC-Ab_hA&dbm_d=AKAmf-D8tgPByJ631X6FCGrsAY6YULhHlF1HbSEGWLurziLmXZ-k92svvAYeWsyOw28IKdO-OwxnvrjdNIwU3mTEIxuGp8XsUIQZrE8W5PEuvyQs5haQ9x8R7wQf1cXodxnlr8Wy6DRd7Fs9Ol73qDwrLYFaCNyHhBIxklvOHtybBV7geSkKpbuMbnn-1ZamQzr-j5ObWSqTNPezinInBxmHzMSqn3S-c-eocMabqUKiF5wjXXd5zwbwimZTHdsal1oy9AC39p-M3_lj_ubP86izs2em66jEh_Ecp5vYlXx19B7_iDuNZI7f1gQBBu5M_MUhZwPSSeAkgFbJN1sYZjaBC6ATIsB4qS53JMS35Lrfw_KGjjNZzbzaWOJFLeQokLh3NILxDKi2Ur0g74lwxnexqFwBZBDdFjFsiDPXp-PvF_p3IBWM2Z4Vs59jSZA7nJOtCmsQntOSdNlic2S_AYTDHKfY8W3UI9_21i8ZkdbAuJF7Boz-QgBSo-_pWv9ZX8_os5TNcSgENH5N5zUi-R1cYVC2aRH1h_h_iuj8fkiZdfUSKeoFem0BCNLcOAsu1FCt7bUkeoMejA5ysD1zx6H0qAaOKYnYcSeKEmTmfb9Ggc6xuGxyxwmKQvxQvWYkJCm_JFzGNf9xQrsrZDPXklwDpw26R7ifDJfKvsOF9aVPESsXAyI5M-NaZBcutxLcaaGpRxj4UIyyWI1wU0bZol-FJBmguAkUIKDULMUJLb8pgydxrT0twTSvQvuIeHD7t-ra9EVt2htHQAg7YrnTsAap6MEzUGyyZAYWQRdZSM6LVsJNbB9wjQ9BRFHziApxIW8vGGpgJ7NmfrShUR2Z0X6Mb8eCVDHHVNXARy-iY4m947rIk1wx1qhZBwrCg-H30vSakn6DbeblrC4F2rbPnDeSXP3yQWmCzS42WBce4IsJEZZxb5AjoH5JHzYbCkSg3vOdUVICXadCVIXGrTlcabGN-6dYr8htdm2rFVjbYg_CYkBLDOx37HwAhMvomM9vMEHWSNWXYRIsssY01wsVPAX-b25JiKaY82cnUlB2luvoGwyGfSP3OO3W9bNS5WZ8oixnOYErpbJbcC2pBVOiU2PkcCH897V96uu3LN9kwHMg5HDhbhFf0AL3O5eVOuQD4_FRf69bEOhXfQRbDE2w0dmuUJ6VpP-eWhvuKPzAkILqdwTcss8PKE-htlUIbIeUV1qr3Vi8cE__xSVIZuwnR6kAz28J5yaIzgarsXx5DwXSgg4o43EFcBqt2GDf2oWLByUL9HhQNe5frkeD9hzg3DDS6sz9Aq94qJyQ8UrS-zhiqKjCr6-S1IcmNgDPzxaohnjE7kVaDsTEfx6bR3hbtbzLrHt_3owt-oQ9SQCmrvmSjKAwX0HKi3iNLoR2QDPYBkpCKcE2KghtDA9L9Urv_Z3urQJTBBoHW14XsEMsZuA6m2qwV52Wsi4cdtw045RDkSV_mo1CiTSPM0IMz143JSpyFAUMhP032SuTi6_lCI-taANxgfhuGMiCXSWMot2kf3ho9VW_quVb2eojH7a1Wf-TNzmnPAnC0eqkNDcIu_-ZuJUBLMq5QTLbjB8IcBRRWUM5okypNn3gVFZA1IJSQhO653WmO1UqOfPYT_rkr8YlI17O3OkiMr7anFggUJ5U1vtS3wSYJgsBz6k6p6T64VkdeCHlVrDj8D9pTRPpsvG5UQ2I3FxFDLuPU_faZ1_z7OQBnxRrv1YZRskaAhQhGSBdIoksLY2OS63QSqN7DQdoQbGHYyVc3-fNyGQgc5hd359fJ606zGWWosIS9NC-YgyyRfx54ZwKGKd7hvcbi3d7I8Ngb9fiT2Oahqa4ioimx6ilNT8CsNKQbyiI0Rq-OAvbbSqVz3Pst_roqBkK6zLMlTlhPKF9RfxZGzOyt1S9ltyVvJrQXtGzNnOw3PyhMt05_5YImaJeDxxy3idOz4auArgEcT930j7dy3E-zhzXFvrrk6Q3pKdzlHl9zDXBWfycCZ7057IDiReZRnQdo2_SxnxBMlF48EZyLQdXjHS_ggvAG2iQ7EasGB9uUoQ-CyxIGsbNtCcbhy3QI2Bc240PdsAKdQ-eKTCy3hF0P4pjmb7TVLKaEksY-sYthG5i77ss-cIFBTVouaGEVUJ9y8yYCmjic3j6lc45gl7lGedBa1jwRs3Zt8VXwfQuir6i5BkpvcARJZp4McrluZH05HniMv9oi844S5ZoV0kR0S9Y2IsMajDz59_5LpLkUvJPgI9LMjIuiS2p3m3jOmJoEGYnbjsobD2uMrZNL_8gOO_hUVm8ULzwEnw23s7jyxXFGobrmr04q-M_p72bfARh1NR6XVw9VUTqemt96kXKDJiZTpQtaTn33Zll0tGXWc0z6UJuV3RVZfJNKrFBS2z_Dv6f32dRrG-NE4pN7pZU2ppReuntSr7__ITerMSuEsPxBTHzGo_sAWO05erdVJY0IfMl6Hs5-56BEsinkHHVfi1wSFyPu0hQHr1w3vQ85iMtBuSBNtSgGR9HI_jT428ySS0Da2ZqUpxSr4LU3TFucW36NdXOr-wKnGHkN7AVmF4Qm0J4MOTDCk3_9k8WQf-94974oGT22dba3-oGQZ4Dh94hrgBGOl1fhKqSochyp4WX_GFhXiIuRLbyHr1pFf41EstKkBMobc-bVw5nDfM6MaxzeETZPscEm-yNJXwjJUKAa5mm11xsdPlnsyNett768MfLbHol-ur1wSu5VPMWU2ybjlT9QfH5QtYqKd_Toy-Be7iDRgj3KrFWpUsR5wGQashB5cjnOnJvR9oYz2GewSuynwaLcoUVCYt6nx6b7pP4HLmqN38qTAvMcOiPlC7M6SZMSB5cwsQeAps9WmNSLiFRdSR5rMG_N9zGrejS1gwnunzhhuixvPOrEe9MN5rotoDZ3a_lpyGJhlHbb4lD4RH2DJLhCNsF1WGbgqNdP9ambJh3Vdh6i1b2YrwkTvPeEaOWkTW5qZMVlb85-FL7xOVRIIQk9yWCQfZJUrARQvfh6DQyouxAm2KljRilf5uwihhQLUHqtVIHSOV17W427kNFTDyptPtQr10dREBWHUjyWAoRY5U0ZhNhWw1lRoSsb5APHU6cZI_7PUz3OLb4qDB8yo_ATr-Y25eEeaXeTXCnrZF2e98x3_JlAw&cid=CAASEuRoXY2D-A-ohf-B5HTbyJIDgg&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:05:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame BAF1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT9CaxjO-z3PewRnC6EWjA36JFry4g4zrmhXentoAKUywCpkbaHUouRKFq7F14VP3YLf_qh3jKNe1sNLzmrgrbeIfImbqlCjEwtT7QTQ9fo7gWgy2satsMBqdqSgN4a-X4cr6omweFjBhDPqETRPSC-Ab_hA&dbm_d=AKAmf-D8tgPByJ631X6FCGrsAY6YULhHlF1HbSEGWLurziLmXZ-k92svvAYeWsyOw28IKdO-OwxnvrjdNIwU3mTEIxuGp8XsUIQZrE8W5PEuvyQs5haQ9x8R7wQf1cXodxnlr8Wy6DRd7Fs9Ol73qDwrLYFaCNyHhBIxklvOHtybBV7geSkKpbuMbnn-1ZamQzr-j5ObWSqTNPezinInBxmHzMSqn3S-c-eocMabqUKiF5wjXXd5zwbwimZTHdsal1oy9AC39p-M3_lj_ubP86izs2em66jEh_Ecp5vYlXx19B7_iDuNZI7f1gQBBu5M_MUhZwPSSeAkgFbJN1sYZjaBC6ATIsB4qS53JMS35Lrfw_KGjjNZzbzaWOJFLeQokLh3NILxDKi2Ur0g74lwxnexqFwBZBDdFjFsiDPXp-PvF_p3IBWM2Z4Vs59jSZA7nJOtCmsQntOSdNlic2S_AYTDHKfY8W3UI9_21i8ZkdbAuJF7Boz-QgBSo-_pWv9ZX8_os5TNcSgENH5N5zUi-R1cYVC2aRH1h_h_iuj8fkiZdfUSKeoFem0BCNLcOAsu1FCt7bUkeoMejA5ysD1zx6H0qAaOKYnYcSeKEmTmfb9Ggc6xuGxyxwmKQvxQvWYkJCm_JFzGNf9xQrsrZDPXklwDpw26R7ifDJfKvsOF9aVPESsXAyI5M-NaZBcutxLcaaGpRxj4UIyyWI1wU0bZol-FJBmguAkUIKDULMUJLb8pgydxrT0twTSvQvuIeHD7t-ra9EVt2htHQAg7YrnTsAap6MEzUGyyZAYWQRdZSM6LVsJNbB9wjQ9BRFHziApxIW8vGGpgJ7NmfrShUR2Z0X6Mb8eCVDHHVNXARy-iY4m947rIk1wx1qhZBwrCg-H30vSakn6DbeblrC4F2rbPnDeSXP3yQWmCzS42WBce4IsJEZZxb5AjoH5JHzYbCkSg3vOdUVICXadCVIXGrTlcabGN-6dYr8htdm2rFVjbYg_CYkBLDOx37HwAhMvomM9vMEHWSNWXYRIsssY01wsVPAX-b25JiKaY82cnUlB2luvoGwyGfSP3OO3W9bNS5WZ8oixnOYErpbJbcC2pBVOiU2PkcCH897V96uu3LN9kwHMg5HDhbhFf0AL3O5eVOuQD4_FRf69bEOhXfQRbDE2w0dmuUJ6VpP-eWhvuKPzAkILqdwTcss8PKE-htlUIbIeUV1qr3Vi8cE__xSVIZuwnR6kAz28J5yaIzgarsXx5DwXSgg4o43EFcBqt2GDf2oWLByUL9HhQNe5frkeD9hzg3DDS6sz9Aq94qJyQ8UrS-zhiqKjCr6-S1IcmNgDPzxaohnjE7kVaDsTEfx6bR3hbtbzLrHt_3owt-oQ9SQCmrvmSjKAwX0HKi3iNLoR2QDPYBkpCKcE2KghtDA9L9Urv_Z3urQJTBBoHW14XsEMsZuA6m2qwV52Wsi4cdtw045RDkSV_mo1CiTSPM0IMz143JSpyFAUMhP032SuTi6_lCI-taANxgfhuGMiCXSWMot2kf3ho9VW_quVb2eojH7a1Wf-TNzmnPAnC0eqkNDcIu_-ZuJUBLMq5QTLbjB8IcBRRWUM5okypNn3gVFZA1IJSQhO653WmO1UqOfPYT_rkr8YlI17O3OkiMr7anFggUJ5U1vtS3wSYJgsBz6k6p6T64VkdeCHlVrDj8D9pTRPpsvG5UQ2I3FxFDLuPU_faZ1_z7OQBnxRrv1YZRskaAhQhGSBdIoksLY2OS63QSqN7DQdoQbGHYyVc3-fNyGQgc5hd359fJ606zGWWosIS9NC-YgyyRfx54ZwKGKd7hvcbi3d7I8Ngb9fiT2Oahqa4ioimx6ilNT8CsNKQbyiI0Rq-OAvbbSqVz3Pst_roqBkK6zLMlTlhPKF9RfxZGzOyt1S9ltyVvJrQXtGzNnOw3PyhMt05_5YImaJeDxxy3idOz4auArgEcT930j7dy3E-zhzXFvrrk6Q3pKdzlHl9zDXBWfycCZ7057IDiReZRnQdo2_SxnxBMlF48EZyLQdXjHS_ggvAG2iQ7EasGB9uUoQ-CyxIGsbNtCcbhy3QI2Bc240PdsAKdQ-eKTCy3hF0P4pjmb7TVLKaEksY-sYthG5i77ss-cIFBTVouaGEVUJ9y8yYCmjic3j6lc45gl7lGedBa1jwRs3Zt8VXwfQuir6i5BkpvcARJZp4McrluZH05HniMv9oi844S5ZoV0kR0S9Y2IsMajDz59_5LpLkUvJPgI9LMjIuiS2p3m3jOmJoEGYnbjsobD2uMrZNL_8gOO_hUVm8ULzwEnw23s7jyxXFGobrmr04q-M_p72bfARh1NR6XVw9VUTqemt96kXKDJiZTpQtaTn33Zll0tGXWc0z6UJuV3RVZfJNKrFBS2z_Dv6f32dRrG-NE4pN7pZU2ppReuntSr7__ITerMSuEsPxBTHzGo_sAWO05erdVJY0IfMl6Hs5-56BEsinkHHVfi1wSFyPu0hQHr1w3vQ85iMtBuSBNtSgGR9HI_jT428ySS0Da2ZqUpxSr4LU3TFucW36NdXOr-wKnGHkN7AVmF4Qm0J4MOTDCk3_9k8WQf-94974oGT22dba3-oGQZ4Dh94hrgBGOl1fhKqSochyp4WX_GFhXiIuRLbyHr1pFf41EstKkBMobc-bVw5nDfM6MaxzeETZPscEm-yNJXwjJUKAa5mm11xsdPlnsyNett768MfLbHol-ur1wSu5VPMWU2ybjlT9QfH5QtYqKd_Toy-Be7iDRgj3KrFWpUsR5wGQashB5cjnOnJvR9oYz2GewSuynwaLcoUVCYt6nx6b7pP4HLmqN38qTAvMcOiPlC7M6SZMSB5cwsQeAps9WmNSLiFRdSR5rMG_N9zGrejS1gwnunzhhuixvPOrEe9MN5rotoDZ3a_lpyGJhlHbb4lD4RH2DJLhCNsF1WGbgqNdP9ambJh3Vdh6i1b2YrwkTvPeEaOWkTW5qZMVlb85-FL7xOVRIIQk9yWCQfZJUrARQvfh6DQyouxAm2KljRilf5uwihhQLUHqtVIHSOV17W427kNFTDyptPtQr10dREBWHUjyWAoRY5U0ZhNhWw1lRoSsb5APHU6cZI_7PUz3OLb4qDB8yo_ATr-Y25eEeaXeTXCnrZF2e98x3_JlAw&cid=CAASEuRoXY2D-A-ohf-B5HTbyJIDgg&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:02:51 GMT
AVmanager.js
player.selectmedia.asia/script/6.1/ Frame 632F 		344 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:11 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduGb5eY5F2305ClyY0GOLWfJHJVr4MWi7vq7fM1o2FeevNez7mIbrdqMXP1LG9_yX-3Qa8JNclgQuQcX2sQgCCqFD6QMA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
99395
Last-Modified
Wed, 14 Jul 2021 08:58:16 GMT
Server
UploadServer
ETag
"ae36937a7d404d46344fcd812980641d"
Vary
Accept-Encoding
x-goog-hash
crc32c=GfSxwg==, md5=rjaTen1ATUY0T82BKYBkHQ==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1626253096644759
Access-Control-Expose-Headers
Content-Type
Cache-Control
no-transform, max-age=300
x-goog-stored-content-length
99395
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sat, 24 Jul 2021 15:15:11 GMT
syncframe
gum.criteo.com/ Frame 5FE3 		291 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.creaders.net&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.creaders.net&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
272
date
Sat, 24 Jul 2021 15:10:10 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:10:11 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 2BD6 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 00:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 00:44:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame 2BD6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN93kCMk6ulSdWl9a7MqQOq1IBkAZmQNGr19lrfHBkobBEs3Hky9ZnoQHU7DLVOWTOaFFm5W9hSco0BEGfWjM8m0FKbqA5IWRcp4bGVIJ_qSP_kLyjKNMRwiiL_EP4qIg2ZkVZbdo8AKkRnfRyxS7BHYsUlw&dbm_d=AKAmf-ASo0hSG-Epd6iVxm0CTOz3lZDECr8x-TXbjgFgsqi6wHdBDOPbtrJ80NLZqjMCt2cHIKJymYTpWMM5DWCfFQxKMfKiKm_rqXHk7OYqLpeNLb5Ymv0SepV8v3T0sRJuKer23sFz9FbIOJbg_cbDjs-Yu-EnF9TAsxDr7a5jE735fS6T8KyHVcpL_yGqNnEripX8ElvtCJx2xs2D8vi0alq42xJuU4fmpbu-rgbVM_Q58lUI_nELsqr9m95ptCCNCyTiVpgPVGHvogtmnXxJKmaLazF87jYMgF6hAmLda_0Ehm3waqLQlKe4bDQhnZHPfPqX7VcRu8_NHA7FF-5sORLcp_yF09vsB_N3ZsrQBxlbHSphQTKn_5SjUAr_j5lnQ5W1gq1sHiCxGoOv-BWhZ8fIuHpqFoR_jjxkOTI5Kf2XH6xHGdQ2Y_yKWIxlTCkgPSJKNJ5mI3vpoyqrSGKPwIWYlQuWfBLLXE1V0opyToC2LA8p173VlyQ4U6tnsGNfiqksUFsct8HZWgMjIpN98_X0Bt01o_r6jwoRdtyuU10r9VGTllZKjvER83BfzyWX2HxEpvYO4gyOuzR1A3JfaCCuXo5_y8A8snlM4CwMD212pXk0nXAZ-RW0MAk3RlLx_vDYq3TDHq4vorzy2CNt9oA01Q9HWoaT22OGehHHVhyKZASRF15taZR28SHlwgEpUr4VXeVEJxPuGb9b45ORx_NP724e_6BrmDGXbj6tPTRp_Bg-brsqDYsfhHOrbVFbsMgURo5yyIe4cDcYkzvTzgmw03P6FdA4Pi5C7DcoTQ257V_L7mNLEP7d-Vrr5lERICgnbyLLd-JnEhFUtOK10slNl8eToZbUmorWJlbEgEuGYFL8PFsEuPbEVW_e2pIrabYTO71RrBAJh7G61XcOtlT8GKPfZowE8O8yl4DKIAn9_GB8KB2X6aLdseQMFj1-mX7_1Sa6raiP0mStINTu5AEBf-BgPufnEb_r20AswRkuXgenIYk7f88SwanDkOdGYtnvvLBsKGhFL6lDyg7NYljxAqgOSRJXJcJM7yWMQnWEuh7Rpg4diVpkaF9zkPoDeoc7vRM0P-uT7aDAmz6Ns-LKk_vNDitJWTzlW_47q0HkudMwGSUWaR1ujtgbTt2zpKFvlxlUsUlMEx1eMysbJtWQ-v4jeJ1Q9JqRYc2ed52j5Ja7LPtVdWtb3oJrk4lh8a6lYTkikKnXvzPstT_d1ZUlf0hFG2OQkZIlOV5CxcC6fGSAc3o1aRpn9_hiC4KLc_OqogAgX0WmqNqgkI3Mhm7l4QnOREI1LVadKbmD9wWFIQgMvQtSk_u2s2gap1TEJRJKyIm1P9OLUxW-kMJrHvRvLbmJBgc5yDLLZyrotS1VvPQ3fulTWgjWKpCBvtZg1wJUQ6c7ILo7kcaLJKBca_582tudsk6SM_5OSepI3zPQlakWYw9UfNeuhj-__qHU81ruFlNXqNSs6VOaTc-1uA2aXJUC_JQAU8fMBkBv8b4qk4SV6moKzDJ8wE522RJvbtIIGTAj9coM4kNuTvtMDZ4EKqn_e_BE7PNdOU9VBHghavinbTye57FfPuoGRJxKla6zbjkn73968zegtYzkp9zkd_3TPu5dm2p3MrNqPMYtrNrZ5KbxgL_7PMQGjKglKr9Nd9sEvIcLb4C4SmY2IRyDRCXv0thH5iUgtq22M1TX-HRipM_vE_mQRdZfg405AcXwu3uGMrgU2aCTVBpzI4ZDvurqNbzm5sPTpZJgCEQYfgIQ2fN7Kn6iHlV41ZKq7sHqPuRFwMtvOvWQjsTRuknpFAZQiPZfHu0fHchNPOUzhLZaqdreBNhaAKZg1Kk2xpkoqdf0KkZL2_WpiucMEfxRQ1EIM7tQ6torh_y1t41IJ2tvO23yq1gxoRYED2fAZA_UJS96CPKYWi_ihoo8zM95ZOF5zW9gACkTq5A0LPgfw-tFvexvm706iHUy_H6v40lhSZr5nm7QVnnUcIhtHbLOiZ9Hx3PMQqxIc9pd2yhCwcMf1NXxJdFJO3p3Gt4t1W0KkDdo4RL1hyRRz6XV0BEykpOJxoFUkK7ezv4-shnccQtsAiC9z7qX57QAYZKSulFRrbslHYJn8cXZtsC6hbTU6lP-_MOnT3P-Kch5Bhh7TGcUQjax3-5U8AtM0kyQWuvp6nyofSuaiWHdDXmcm6cOuFx6bfcNHkMSfm7Hvx6jeJ0Fa5qieTCPa02vgrGdJxkzJASXTMknEiUbmpOgHHlr-TgB0Xs5TGbcbMW8rDpDt6rup0rBS8kAhBm1DvM5NehuFNE0Y4zml4wkuDNn-TpsqGr3BeBG8c1f0hHXP-J7xreK-nSLLBfFdsy_nG-wfuTys8dduQuVEz6iMdo1ghPvUrefR-t-Y2goqN4tolafokG3Wz7PHqvWTENJ4ldHlvLWRSlMU8mOKCLl11GlBMQ6RzuLG9VED63dD_u9qHyg68mP8NLSvSfDCIEp_uzuBbQ4lbgd7yvA_Sy7kKkqUT3lcC5Y57EHN4nHPIU1Ah6FOVxpzJnuJprYJh7SVyQDH3QGj_Mz0H0eUCdsgaMOKHJCdFb_5P3vukkt5dRdAQmdN6zPszuhx4clzeapCLjcCwFRlUAEIktsv9pfuPbsGi7Poh6zAWYSf7XToLa93_1P70TeozsCvDXoonIdMqPvL1gtRQubN77Pd4kEEXQOIQGwn3gn7ugck3adEGe_kp0bOOhXpKGIyQUHNdxm1qjFahq7OrBinW1ctRikWpbOLlEU9TbXSMIlHJiD5AsABFKlA604i1c2c8Gz6j_wpPZFuPKSwEe0DAQeSJn9V53a1XyfjCbNvVmWD-C8Y9x1s4x65XbMGSVcjIw43m8LqBPoeIO77OWSqVlc92hUJBQgMfV-La-RutrBflCXv1RsGYWuoTCko3gbRYla8I3bqZ2LtSoxCaxyEza5CMT3GN-_3guicY2jp-02wXQkgrx5Sv-2lv9Cv454RELYtGHX8u6CYTUsnO4uqg8uYrLOrzdmdqYfkTAIgIvFls5Rxk5vomOlK_Gja96oJb6V3pdeU49XJluCivoI9-hYrSn6G7xxxtjSt7KxK9en8ckg_I_X63L1VZ4DduxW66Efw_jrIT4joEwee3bW5N7sqz39PAted_0-g4yw39iRbHVyo6i1Aa2o49Yql7U&cid=CAASFeRoS3wdGW4KrpPZMocFysr7TZgRmQ&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:05:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 2BD6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN93kCMk6ulSdWl9a7MqQOq1IBkAZmQNGr19lrfHBkobBEs3Hky9ZnoQHU7DLVOWTOaFFm5W9hSco0BEGfWjM8m0FKbqA5IWRcp4bGVIJ_qSP_kLyjKNMRwiiL_EP4qIg2ZkVZbdo8AKkRnfRyxS7BHYsUlw&dbm_d=AKAmf-ASo0hSG-Epd6iVxm0CTOz3lZDECr8x-TXbjgFgsqi6wHdBDOPbtrJ80NLZqjMCt2cHIKJymYTpWMM5DWCfFQxKMfKiKm_rqXHk7OYqLpeNLb5Ymv0SepV8v3T0sRJuKer23sFz9FbIOJbg_cbDjs-Yu-EnF9TAsxDr7a5jE735fS6T8KyHVcpL_yGqNnEripX8ElvtCJx2xs2D8vi0alq42xJuU4fmpbu-rgbVM_Q58lUI_nELsqr9m95ptCCNCyTiVpgPVGHvogtmnXxJKmaLazF87jYMgF6hAmLda_0Ehm3waqLQlKe4bDQhnZHPfPqX7VcRu8_NHA7FF-5sORLcp_yF09vsB_N3ZsrQBxlbHSphQTKn_5SjUAr_j5lnQ5W1gq1sHiCxGoOv-BWhZ8fIuHpqFoR_jjxkOTI5Kf2XH6xHGdQ2Y_yKWIxlTCkgPSJKNJ5mI3vpoyqrSGKPwIWYlQuWfBLLXE1V0opyToC2LA8p173VlyQ4U6tnsGNfiqksUFsct8HZWgMjIpN98_X0Bt01o_r6jwoRdtyuU10r9VGTllZKjvER83BfzyWX2HxEpvYO4gyOuzR1A3JfaCCuXo5_y8A8snlM4CwMD212pXk0nXAZ-RW0MAk3RlLx_vDYq3TDHq4vorzy2CNt9oA01Q9HWoaT22OGehHHVhyKZASRF15taZR28SHlwgEpUr4VXeVEJxPuGb9b45ORx_NP724e_6BrmDGXbj6tPTRp_Bg-brsqDYsfhHOrbVFbsMgURo5yyIe4cDcYkzvTzgmw03P6FdA4Pi5C7DcoTQ257V_L7mNLEP7d-Vrr5lERICgnbyLLd-JnEhFUtOK10slNl8eToZbUmorWJlbEgEuGYFL8PFsEuPbEVW_e2pIrabYTO71RrBAJh7G61XcOtlT8GKPfZowE8O8yl4DKIAn9_GB8KB2X6aLdseQMFj1-mX7_1Sa6raiP0mStINTu5AEBf-BgPufnEb_r20AswRkuXgenIYk7f88SwanDkOdGYtnvvLBsKGhFL6lDyg7NYljxAqgOSRJXJcJM7yWMQnWEuh7Rpg4diVpkaF9zkPoDeoc7vRM0P-uT7aDAmz6Ns-LKk_vNDitJWTzlW_47q0HkudMwGSUWaR1ujtgbTt2zpKFvlxlUsUlMEx1eMysbJtWQ-v4jeJ1Q9JqRYc2ed52j5Ja7LPtVdWtb3oJrk4lh8a6lYTkikKnXvzPstT_d1ZUlf0hFG2OQkZIlOV5CxcC6fGSAc3o1aRpn9_hiC4KLc_OqogAgX0WmqNqgkI3Mhm7l4QnOREI1LVadKbmD9wWFIQgMvQtSk_u2s2gap1TEJRJKyIm1P9OLUxW-kMJrHvRvLbmJBgc5yDLLZyrotS1VvPQ3fulTWgjWKpCBvtZg1wJUQ6c7ILo7kcaLJKBca_582tudsk6SM_5OSepI3zPQlakWYw9UfNeuhj-__qHU81ruFlNXqNSs6VOaTc-1uA2aXJUC_JQAU8fMBkBv8b4qk4SV6moKzDJ8wE522RJvbtIIGTAj9coM4kNuTvtMDZ4EKqn_e_BE7PNdOU9VBHghavinbTye57FfPuoGRJxKla6zbjkn73968zegtYzkp9zkd_3TPu5dm2p3MrNqPMYtrNrZ5KbxgL_7PMQGjKglKr9Nd9sEvIcLb4C4SmY2IRyDRCXv0thH5iUgtq22M1TX-HRipM_vE_mQRdZfg405AcXwu3uGMrgU2aCTVBpzI4ZDvurqNbzm5sPTpZJgCEQYfgIQ2fN7Kn6iHlV41ZKq7sHqPuRFwMtvOvWQjsTRuknpFAZQiPZfHu0fHchNPOUzhLZaqdreBNhaAKZg1Kk2xpkoqdf0KkZL2_WpiucMEfxRQ1EIM7tQ6torh_y1t41IJ2tvO23yq1gxoRYED2fAZA_UJS96CPKYWi_ihoo8zM95ZOF5zW9gACkTq5A0LPgfw-tFvexvm706iHUy_H6v40lhSZr5nm7QVnnUcIhtHbLOiZ9Hx3PMQqxIc9pd2yhCwcMf1NXxJdFJO3p3Gt4t1W0KkDdo4RL1hyRRz6XV0BEykpOJxoFUkK7ezv4-shnccQtsAiC9z7qX57QAYZKSulFRrbslHYJn8cXZtsC6hbTU6lP-_MOnT3P-Kch5Bhh7TGcUQjax3-5U8AtM0kyQWuvp6nyofSuaiWHdDXmcm6cOuFx6bfcNHkMSfm7Hvx6jeJ0Fa5qieTCPa02vgrGdJxkzJASXTMknEiUbmpOgHHlr-TgB0Xs5TGbcbMW8rDpDt6rup0rBS8kAhBm1DvM5NehuFNE0Y4zml4wkuDNn-TpsqGr3BeBG8c1f0hHXP-J7xreK-nSLLBfFdsy_nG-wfuTys8dduQuVEz6iMdo1ghPvUrefR-t-Y2goqN4tolafokG3Wz7PHqvWTENJ4ldHlvLWRSlMU8mOKCLl11GlBMQ6RzuLG9VED63dD_u9qHyg68mP8NLSvSfDCIEp_uzuBbQ4lbgd7yvA_Sy7kKkqUT3lcC5Y57EHN4nHPIU1Ah6FOVxpzJnuJprYJh7SVyQDH3QGj_Mz0H0eUCdsgaMOKHJCdFb_5P3vukkt5dRdAQmdN6zPszuhx4clzeapCLjcCwFRlUAEIktsv9pfuPbsGi7Poh6zAWYSf7XToLa93_1P70TeozsCvDXoonIdMqPvL1gtRQubN77Pd4kEEXQOIQGwn3gn7ugck3adEGe_kp0bOOhXpKGIyQUHNdxm1qjFahq7OrBinW1ctRikWpbOLlEU9TbXSMIlHJiD5AsABFKlA604i1c2c8Gz6j_wpPZFuPKSwEe0DAQeSJn9V53a1XyfjCbNvVmWD-C8Y9x1s4x65XbMGSVcjIw43m8LqBPoeIO77OWSqVlc92hUJBQgMfV-La-RutrBflCXv1RsGYWuoTCko3gbRYla8I3bqZ2LtSoxCaxyEza5CMT3GN-_3guicY2jp-02wXQkgrx5Sv-2lv9Cv454RELYtGHX8u6CYTUsnO4uqg8uYrLOrzdmdqYfkTAIgIvFls5Rxk5vomOlK_Gja96oJb6V3pdeU49XJluCivoI9-hYrSn6G7xxxtjSt7KxK9en8ckg_I_X63L1VZ4DduxW66Efw_jrIT4joEwee3bW5N7sqz39PAted_0-g4yw39iRbHVyo6i1Aa2o49Yql7U&cid=CAASFeRoS3wdGW4KrpPZMocFysr7TZgRmQ&rfl=1%2Chttps%253A%252F%252Fwww.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 15:02:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 2823
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:11 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2823
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2823
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e10cad62-99ef-4056-96d1-458efa5d4ffe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2823
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7eCEGzAB&v=APEucNVG_La7m7s5K7bpac6osabFATbH6GUS2ZXBuyAwPYNWnOWEvh0lfGXG3KkWs5bV8jN6WunvN8FEWN51c6ksuA7g06EbLTksiPEXFgMzqUawyqkCgPf5iS3n6ENlhmos7vIUOQZ64NIMP8sTWDqOObhzSCmgen7mgOdkRBq3yeFxdTGKa5Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7f1be8ba-4421-4c9f-a6ce-f54d211e8984
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B0BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:11 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B0BA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_Ac-Lt9aFXZT7hgxExrws&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B0BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4b987af9-10be-41b9-91d1-19738d37ed5d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENBbgQDwSebH1xx3fLq98Ys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNWPCZxzfeROA9r571mltJlk3hdg83pBQnNXA2emTb66ds8Wm4yJxiwADL7VRFb7YNhbNypyt-rwlu2XVISfpSWNB71bzH12z2ILs9QXapYWIN9G1z3Z6nxE_unag5d8oMIoatFsMfJwVaQ8c2nphOoJgS2JqC5h36aVaCEOeOPEldpqvO8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
56bf60bf-e54a-4055-bf3a-aaf5997cb4e7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY0MjMxOTkxMTY5OTE0NTIw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFF6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 24 Jul 2021 03:09:05 GMT
expires
Sun, 25 Jul 2021 03:09:05 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
43266
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1714 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34993aa6f2e1b56eebaf1437f6afe32d7b779212ec156fc95203bab1d91193d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sfht0if3y.js
cdn.krxd.net/controltag/ Frame BAF1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f693ec2e56f32e7ac9af10b4ae6452a72110e8ec7e978790ac972b7cca86ab17

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 24 Jul 2021 15:10:11 GMT
via
1.1 varnish, 1.1 varnish
age
145
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3720
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5124-BWI, cache-fra19127-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1627139412.891940,VS0,VE0
etag
"94e6320643d5c7024f8e5e6a1131d8ba96e99fa8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 42
index.html
s0.2mdn.net/4528516/1924166856372953/ Frame DE02 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/1924166856372953/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad21ecb119a3ccf137d9bcfef30d2cb0a08f8008c63b72a76111d836515a4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/1924166856372953/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2449
date
Sat, 24 Jul 2021 10:21:23 GMT
expires
Sun, 25 Jul 2021 10:21:23 GMT
last-modified
Wed, 30 Jun 2021 09:14:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
17328
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame BAF1 		0
583 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3rAuVF1nCLBjvIrnDkw-fZ2-pDSmejeRxGmtCAQ9CypCNFcLDzl_WL9zrBoJJiVoq4i-xSCovA-FG1LjutjSSz1zcuJxYqBlZJHLMlY06x92dHGDGJUJbeWYPksn69VU-nlogHQy4PzaDB2Ibz1IKEL4Sqw-PkIcLT-hQ4AR99wtpMiimVv21Zqf4i76pcgy__PvmP0Kc1PkJ0ovcvdth1svluQrYpUjfbYiFTqWRTa37msKwTt4MIWgCVsLH5bnu6EO-QYrsNrQZjw7ISaHAdrb4KGlJf4vSunVfUmHd0nWnOG2B-ejme6alcYz_7WwWNE-TCShJt4bK9DASJyM5WYC-3oA_bGce6_ymIPyBTlLY3Ji0u_O1pJ6-kTCrcU6poZy8MFTRXMhWAcGE9cjE78rqAu9YPJHOhJORmtiTfEeCi3oKtwmvAMWUjX6vN-dqn0QYlvAp_M1cg4OoxUz-6YHNrg36oPh--y0NPm-NLA050EKnw9rv5OBArDG1H7sDEqfatruquYf_58G4XIsA-1JmGKJcX7RwCk3TnX5LGb5YM6y4kXhOY2MM2znLHqoubZFCyFN8Ee3Ii6rt8G-BDiEC1BBCWmORAwpg5qzmo4VVngctjwIUjA1bAdyN3XxvfKyCiWjz6L7cR_TMXJvx3CoKx3CN-O7XACQyzi7hdIPt3nZ1bVtVugEfIXbCDtTg4mMwzYat_Hr8-V6q-qQAgcv0akSvZCAON2EGDrkDoTL4cox9fQLVH2qmyFQC3e_RWRETnTxZq_eTUo1ZbCoaEJiJLlJqsvAYqjeCPVhgvp-O5bzj5Mw6utAWvWacd42Ud0xRNp0fDr28-lvVB7V46NbybuYIaeu172FDAQRY-Td9hhFYLo18CgGvo6qmabKW4_i52dqw6oiQcmmGTMRngpAXrFGArU95KvdJC58VKyYU1r1d0BxnPE9XAc5bZoxJOsweG6_ZpTlG8imBbdOavRWv2_ZyRy3pippzdqxEONnGDjrzfyvfVqjeBlA9N9bsnkma-xnuGmSQaYs_DWLZdpDDLekCrBpVgQYqZd0XO0xArJubC7ZOt6KgiuXvJ-JTBfCs7mHVhEibfDpQ_pzQ0o3cBeVNQSLt57rDpcFFz76FVd_fizDcyRH5lnFh7PhqoD7XzRXx-BMAUpP-7dkj858WK42due5p207aBGwF7pgTIvq4lDfAUEs1mgBz8r5fABS6L3hUDorrlxgXeCqvDAnY6IAY8vL5XXoATRcfWqz73H9nd65EZb_v&sai=AMfl-YS9ks2Fk-dCQjBBwLu1CO_B9JFOuY_O2GsrzFvxSEGxU8knBjQUCzJ1DcwBq6RjwTCO0AqC9G9gsMuepaThoWXEvegfaENpglytU8TC-GplRxRMqn-Viqexm7wWPrEgPhm-vwPFdcDFEWp01Q1wk9yilBYzEg&sig=Cg0ArKJSzLZEOi49_etnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20210720.28119&adurl=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 24 Jul 2021 15:10:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 1714 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 16:30:42 GMT
x-content-type-options
nosniff
age
340769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:30:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BAF1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 00:44:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31DB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 24 Jul 2021 03:09:05 GMT
expires
Sun, 25 Jul 2021 03:09:05 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
43266
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BAF1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79816a5804a05c4eabdb8ccfb69ce175dc92eb4a78ff06ca7cd0c96a47f66864

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.creaders.net&sn=&ic=0&tgt=0&app=&wi=336&he=189&test=&apppkg=&fv=3&proto=https&pid=5c5bf265073ef44dbb3483fb&cid=60c21a7dd47c7876191f3a27&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&e=inventory&vi=100&cb=1627139411944
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame F977 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg6Y_XArm3rCl0ojCg3o1uIj56Dcm5esIJwDIteHwRFTPbaScpYqdwG7Is8tdNY7iPTUlrqY_vV3hHNG2qX9ph6Yt99xKuZb1uBaMGisP9r8uryp4dqB61adVi2Y3b8-h8Kd1qB5ogZoYHg1oDbmRIK2TnltomYE8bq22HiSo4AlQdvO8JsF84tkvl6K9ZpRDzSJ-yRZLhDs6UCwSK6UbNssabHeYEMVtJdsiZr8gWBOljLVUyDJfBPzuE6Yl8CWpbmCacmQZnkp8kdzpUugKnsgdzTDWhOSbt6PFugTWB8LqqmWx6dGBt9aqWVcQWf7Y&sai=AMfl-YRshdP_rsoSpK_dnNRaKjuNSAMeS6i0A-8XE5TEPVJa_qO17ieGKqJ1OcKkXb2mYyS5ldA0o06UKNzkzksjL82xpPDpliT8MKxcG2bFm3YNcEZQ93hq6qx_u8DZ33lX&sig=Cg0ArKJSzFIAgOBv51VYEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 24 Jul 2021 15:10:11 GMT
sfht0if3y.js
cdn.krxd.net/controltag/ Frame 2BD6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f693ec2e56f32e7ac9af10b4ae6452a72110e8ec7e978790ac972b7cca86ab17

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 24 Jul 2021 15:10:11 GMT
via
1.1 varnish, 1.1 varnish
age
145
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3720
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5124-BWI, cache-fra19127-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1627139412.970979,VS0,VE0
etag
"94e6320643d5c7024f8e5e6a1131d8ba96e99fa8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 43
index.html
s0.2mdn.net/4528516/1216297344507822/ Frame F005 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/1216297344507822/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea892113a25165b37b3a949627b054d98a7f66561d914ed5725b1df4d295dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/1216297344507822/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2451
date
Sat, 24 Jul 2021 10:42:14 GMT
expires
Sun, 25 Jul 2021 10:42:14 GMT
last-modified
Tue, 06 Jul 2021 07:45:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
16077
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2BD6 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNkHxvoZ5FE6ffYTB59vvsxZcRoVNXAIvehmm8HFmJkZonB_1LFmhfQjevDlI07k8JeQGiiGKbjQaV6WSDHQpuqIQuCLgvkwpsOnH7RLeHVgEwefYZQ30c2wGmLlA61PDzjw9Bhx5dEaQtsHdCrZTiEwVToDW0JO-p33b4v7i62KY_U0sRI-PfORcOIBrTfi9S0vEHi8NZADw6P3Mkf48rPvdXhry602AMlvzaAtRvITVND_MkDH3iYNi1R9fpr_ijgBaFpH51TmASnkmVm30umo_z8-zOMVzk9URTsWBjqoXO-YgLlGrhghi2eCsMWmn4QReByrAoSjWq-es9eHbyzasI0FMcX1BVv1KXyiaFpHRAqq4QdvwToTD-ObDaTynubtGyaz0n7mDptFGjC6ZcHL88ddRW6ap4yDuGzSd34oigB6-39x1GcyGn1SpC1BH68XqOrbbS1D4V4RRA1LOKc1qGlnzBRpY_cAXszzxdAQPzCH5eveomu6LHYtjidAj3n3XCRxSq-jN6rbzbvPL8NcHHSuRBLkHmFFL3-ggJ5gp_xMDhJNGW3YipAIchGoA9OiguKkVt2zXEMLic10j2kv300UYHjtaZSAZT5m4234odwryXDiu3-sd_WCz0LfPB5yjMERxFoJ36hqSnOG8Z4RC_0k6yNEy0tZMoztu4OqKWCzeww1YLSd3yyIHN9h2LdGcJoLTZqlR3lErIhCM75mcMUU7sANps15t9rhW1CXiWWBItj-46-lCyNE6cXR9qB1WO6JpdhR4eXi1OQM--Vgy__w-bg3n3ESvQeZxTNMWCADzTTG0wlNY6Y4z5ZCu3htOuBJiGfPkJE_WDZrMCAK_cil2U20-5BI-yAByBrpMCG7z9NeDpX67Xg8KgAe4oRlOSO2cCvipIpZQxg3SBhOYIYFyPi078G1Qx4eS_xE2fZ81v6FldcjtKFDDsS2f-1LSKHpJWiHuaUJubB3caQ6X2ectNJ0SmpGs-Go9cpAXx_qLO1CIbUna_m3KvgtGHDSUZTD3ftFQp9xlBfecY_CVT6ERbFQQA2L2003kUZBY8Pr9fE9PGQ_GhTp0q1GcI7PMPDEZ5-4-Xoh636uzoPTFfGXqWbWj92_WwkqmV9H4KjrG3HRNlt6CTXCpPz0kQx10-joAp6fpZ7UktCrIbhAl4x2BMwfbx8GKHTjHt3dNyQaiadK0qzC-NW-Etu6MrsExI5Q&sai=AMfl-YTBzflVqmV9eUM128gJ3ar8He_taByGk9RW9XD8_EWoWK7jcLDjIFk_1gvdtzdU6hj2HUVnXzw9aJ2UC77yTu8PfjLL6etXAPlYrZqsANZnHhI5XaxLT7bdNdRvKvUu-peNwEQ_dqNrpPpS_KLMS2Iw4YbYlEzPpfExg2Y&sig=Cg0ArKJSzNhA_oJyS7fREAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&cbvp=1&cstd=162&cisv=r20210720.32685&adurl=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 24 Jul 2021 15:10:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2BD6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 00:44:09 GMT
truncated
/ Frame 2BD6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
367cb91efdca4f425e00118528ffd75f0bddad4db20ed0c586bc2215b8f2346f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
vidsplay_pass_pre.txt
play.selectmedia.asia/58fcbed1073ef420086c9d08/5fbcd7e8d7af2a444b42eac7/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5fbcd7e8d7af2a444b42eac7/vidsplay_pass_pre.txt
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0ef53677e97b7c0aaa68a9d7e0c3632641480ed0fb28d1982cd0dbca61a55346

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABg5-UysdkybWeTLpWjdK7ySgdXwLM7D64sae3frTOEPHhc9sEp_FoEfK8dGdimOqu2-_Wl4ariI8LjECWBJA9494Q4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
808
Last-Modified
Tue, 24 Nov 2020 09:52:49 GMT
Server
UploadServer
ETag
"9afd45f42f905f5ad656f233fd821668"
Vary
Accept-Encoding
x-goog-hash
crc32c=5hBGtA==
x-goog-generation
1606211569654311
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, range
Cache-Control
public, max-age=1800
x-goog-stored-content-length
1990
Accept-Ranges
bytes
Content-Type
text/plain
Expires
Sat, 24 Jul 2021 15:40:12 GMT
/
go1.aniview.com/api/adserver/tag/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.creaders.net%2F&AV_CHANNELID=60c21a7dd47c7876191f3a27&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.creaders.net&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=60c21b1576524450f8723437&AV_TEMPLATE=60c2188a59f9b83f06493dc6&v=6.1.1.243&avtoken=411944&AV_WIDTH=336&AV_HEIGHT=189&AV_DNT=0&cb=1627139412018
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.42.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
68fb5d546df3374e0cff9e507bb2aa51ffa7416bec3e18e511acbbd05ca664d1

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Jul 2021 01:23:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4F5B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 23 Jul 2021 05:56:59 GMT
expires
Sat, 23 Jul 2022 05:56:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
119593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ Frame BAF1 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
age
14121488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1028322
content-length
84451
x-served-by
cache-fra19127-FRA
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1627139412.047338,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame DE02 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1924166856372953/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 24 Jul 2021 15:25:12 GMT
javascript.js
s0.2mdn.net/4528516/1924166856372953/ Frame DE02 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/1924166856372953/javascript.js?1624606365404
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1924166856372953/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e94b912fd235e1edb8f35f52364fe572b4e4f00c07830867b29eaadcdf578b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/1924166856372953/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 10:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9325
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 09:14:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 25 Jul 2021 10:21:23 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B58B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 23 Jul 2021 05:56:59 GMT
expires
Sat, 23 Jul 2022 05:56:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
119593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/451983/ Frame 3F16 		367 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/451983/hb_310028_7816.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b75a8397ac1524344170247685676db74881aedaae13c0e0000ec4e15c96fd7

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 17:13:10 GMT
server
nginx
etag
W/"60f855a6-5ba23"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sat, 24 Jul 2021 16:10:12 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3F16 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"938 / 377 of 1000 / last-modified: 1627080183"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24037
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
wrapper_hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/451983/ Frame 3F16 		936 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/451983/wrapper_hb_310028_7816.js
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0072a3a862389db85f24f67f091c866d9463e44875051ece740a44b619280cee

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 12:37:07 GMT
server
nginx
etag
W/"60f96673-ea060"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sat, 24 Jul 2021 16:10:12 GMT
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ Frame 2BD6 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
age
14121488
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1028323
content-length
84451
x-served-by
cache-fra19127-FRA
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1627139412.063472,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BFF6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM8JINzMYgDoCiYdEYo9r-E&google_cver=1&google_push=AYg5qPIkK-IWSMx01eT7WecEsQiW6y3FRTng3q7FSvad3csdDuselSw9KbfMCSAK51Ms-SyjjIh8suHP24KuWkDZYVY9wFDIS_w
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE5MzQyMTc0MzY1NTQ2Njg2Mg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJn2J4v8t4GITPfwPrxsFtw&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJn2J4v8t4GITPfwPrxsFtw&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJn2J4v8t4GITPfwPrxsFtw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame BFF6 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAHNQLD-O6JAK_ncInZNig8&google_cver=1&google_push=AYg5qPJoJbGoOtgEGqv2TBuzpiQULOnCUlLEXPb1KRSuhturI4A_biaBHHh2SaVs1jPx7-MpjKxOKl6pXby21Q9hPn31FxDJtK8
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFF6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Wko2YmR1emcxTTdqaTQ1&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Wko2YmR1emcxTTdqaTQ1&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4XpUwneRUPfXzZgNElcw-TTJ4aXEmM0-YN8nckkmcvkdefkccVpiQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:11 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Wko2YmR1emcxTTdqaTQ1&google_gid=CAESECVKz15CXuNzHp1T4J5QIrQ&google_cver=1&google_push=AYg5qPJ0b-4lIZ4TZJHL4unq49ggrZxpmKa8FgKfpg_83p4XpUwneRUPfXzZgNElcw-TTJ4aXEmM0-YN8nckkmcvkdefkccVpiQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFF6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEgj2N_dmX1QjPUD3Km_8r4&google_cver=1&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8UC5okBJ09sM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8UC5okBJ09sM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:05 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLpYYxGQjZdGKo2nbr9hNuyUj2yfV6e50WGsUfv4R5FO-Szuv8UhfpOre8LFY4GypHEdqN0XGkZ2EJCc2e8UC5okBJ09sM
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:04 GMT
pixel
cm.g.doubleclick.net/ Frame BFF6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMHuSrLBz9EkTuwB-4vJzIU&google_cver=1&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp8l86-wT_EEkE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA07E4C72B6B421E881E2906B9E39E93&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA07E4C72B6B421E881E2906B9E39E93&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp8l86-wT_EEkE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA07E4C72B6B421E881E2906B9E39E93&google_push=AYg5qPLYFm9xKct00VLC5qQYHElRE9r3qses2_rGU6sVOXGrLPI4GtO8HHtl-Q3TYTBUHyLbjWigMtQlAepjssp8l86-wT_EEkE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Jul 2021 15:10:12 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BFF6 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC9uanReYCGSu9K7XDWykfo&google_cver=1&google_push=AYg5qPIw-BFVv64RIMYQ-lVln8_dUMVEcsx44gzaXtpinhML0fN50RfuGb5vcGGa5T4SYLtUrz739ikL_4K2fcgnRkTHtjS5_mk
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame BFF6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEktPCBgyV3Dft3AhBA6b84&google_cver=1&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_oNziknSZKXflZpeZGaZqw&google_hm=MjQ5MzMxNjk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_oNziknSZKXflZpeZGaZqw&google_hm=MjQ5MzMxNjk5Mzc1Nzg3NTYy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIccoafeSPtOby3I1MyOUmzCSBBEHeF0CHhoqdaa2FxjEKFu8LF9e65zs0eX_XhhZngDue2c_oNziknSZKXflZpeZGaZqw&google_hm=MjQ5MzMxNjk5Mzc1Nzg3NTYy
date
Sat, 24 Jul 2021 15:10:11 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BFF6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPqci6aOjlpbR3K_w8WS16SPOp2VCSioatceN-xpT6mm266YAoA1xt8I56tVD9vs7BRnMS
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
createjs.min.js
code.createjs.com/1.0.0/ Frame F005 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1216297344507822/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 24 Jul 2021 15:25:12 GMT
javascript.js
s0.2mdn.net/4528516/1216297344507822/ Frame F005 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/1216297344507822/javascript.js?1624551219357
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1216297344507822/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70bc35b02a019fb9e475e118a4ce5aca7b13b24cf8f5d35e1429126d4c05f256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/1216297344507822/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11371
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 07:45:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 25 Jul 2021 01:25:27 GMT
/
google2waycm.netmng.com/cm/ Frame 31DB 		0
0
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECe_47NAxsWZRI0M4C2oq38&google_cver=1&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4p...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4pCwpPFKqKGx58
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4pCwpPFKqKGx58
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:05 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPISi5c0_EVkGC2aX_Ky2HTuiG_OhrbpS3Yi8pECGkLoNY2P_25DrTNIh_Ei6IQrfQHAOxqk1Fes7611l_4pCwpPFKqKGx58
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:04 GMT
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELKvK8-dhv9xYE9Sfqp7Oys&google_cver=1&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6B8Svt5FXoaFqj
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD45E5673D1140C0BE47309827E5D454&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD45E5673D1140C0BE47309827E5D454&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6B8Svt5FXoaFqj
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD45E5673D1140C0BE47309827E5D454&google_push=AYg5qPKhf6bmfwlwwJ_SpJ-AtaBH-PrfwcFu4JWezZgEh4uihFLfD4dTWmfqZPqcunwY1GQ-Faw-dMNbVA-MFi6B8Svt5FXoaFqj
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Jul 2021 15:10:12 GMT
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGNjRFHvghZ_a0-vaGZ_5Cg&google_cver=1&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQtzzYF&google_hm=MjY5NzkwMjgxNjk1MjU3Mz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQtzzYF&google_hm=MjY5NzkwMjgxNjk1MjU3MzIwMQ%3D%3D
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKrtbf4SVLV9FxvnhOoMu578PElRueoNB7UMfks13bMnh4r9wXJEtoolPKjndPqr1huWHljJfAUnDxstP7_UoGZcWQtzzYF&google_hm=MjY5NzkwMjgxNjk1MjU3MzIwMQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEL1-Un3wkt-N9ih0yyil4SM&google_cver=1&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg
  • https://rtb.openx.net/sync/dds?google_gid=CAESEL1-Un3wkt-N9ih0yyil4SM&google_cver=1&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&google_hm=K6zh3MtkyTkUHuNSo9fc-Q==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&google_hm=K6zh3MtkyTkUHuNSo9fc-Q==
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:11 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIvRoOd9GOb7xgOSFsTSEUdaFRbplgmVZ-0TiV7xItr27hoCWzGpPnG0IWOtM0_lQ-UXoEjEk1zaLZ5DExFahKjaH-yOpmg&google_hm=K6zh3MtkyTkUHuNSo9fc-Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
dt5qd75p0vo7oilo0o60roo9cu9a2dhb
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeoD_6QfkOldiQnCDVsrsLs16_OcKRD4d9zjsBfEcJxNCgH9FHwXvM6KPYxK0PUi8kNhWk1uSsZECqaNniaaPHz1xH5Ar4
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeoD_6QfkOldiQnCDVsrsLs16_OcKRD4d9zjsBfEcJxNCgH9FHwXvM6KPYxK0PUi8kNhWk1uSsZECqaNniaaPHz1xH5Ar4
date
Sat, 24 Jul 2021 15:10:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 31DB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECBZmWPP5qAfXP_vfvvntzQ&google_cver=1&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoaURGtL3Hl04G-BGOMTaPMPJ&google_hm=NTE0MTAyMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoaURGtL3Hl04G-BGOMTaPMPJ&google_hm=NTE0MTAyMzE0NTY4MzcwMTM4OQ%3D%3D
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLETEaU1Nzsdm2kWUM0vX0X2E1XcCnL1qJNm8KkSIfKp146lqRQoF95frHswDuj5MVI7PiVoaURGtL3Hl04G-BGOMTaPMPJ&google_hm=NTE0MTAyMzE0NTY4MzcwMTM4OQ%3D%3D
date
Sat, 24 Jul 2021 15:10:11 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 31DB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IloJxG3M2Yx_5OV9SwTOC7G9KI-R09ZjViX2iYLQVG-7FYT-zsX58D6VPrjm4ro57o8-in
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ad_impression.gif
beacon.krxd.net/ Frame BAF1 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618920&adid=321276320&creativeid=153780324&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.35.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-35-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1627139412
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/ Frame 3F16 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
ad_impression.gif
beacon.krxd.net/ Frame 2BD6 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618923&adid=321276323&creativeid=153929773&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: 46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
URL: https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.35.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-35-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1627139412
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
googleads4.g.doubleclick.net/pcs/ Frame 2BD6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNkHxvoZ5FE6ffYTB59vvsxZcRoVNXAIvehmm8HFmJkZonB_1LFmhfQjevDlI07k8JeQGiiGKbjQaV6WSDHQpuqIQuCLgvkwpsOnH7RLeHVgEwefYZQ30c2wGmLlA61PDzjw9Bhx5dEaQtsHdCrZTiEwVToDW0JO-p33b4v7i62KY_U0sRI-PfORcOIBrTfi9S0vEHi8NZADw6P3Mkf48rPvdXhry602AMlvzaAtRvITVND_MkDH3iYNi1R9fpr_ijgBaFpH51TmASnkmVm30umo_z8-zOMVzk9URTsWBjqoXO-YgLlGrhghi2eCsMWmn4QReByrAoSjWq-es9eHbyzasI0FMcX1BVv1KXyiaFpHRAqq4QdvwToTD-ObDaTynubtGyaz0n7mDptFGjC6ZcHL88ddRW6ap4yDuGzSd34oigB6-39x1GcyGn1SpC1BH68XqOrbbS1D4V4RRA1LOKc1qGlnzBRpY_cAXszzxdAQPzCH5eveomu6LHYtjidAj3n3XCRxSq-jN6rbzbvPL8NcHHSuRBLkHmFFL3-ggJ5gp_xMDhJNGW3YipAIchGoA9OiguKkVt2zXEMLic10j2kv300UYHjtaZSAZT5m4234odwryXDiu3-sd_WCz0LfPB5yjMERxFoJ36hqSnOG8Z4RC_0k6yNEy0tZMoztu4OqKWCzeww1YLSd3yyIHN9h2LdGcJoLTZqlR3lErIhCM75mcMUU7sANps15t9rhW1CXiWWBItj-46-lCyNE6cXR9qB1WO6JpdhR4eXi1OQM--Vgy__w-bg3n3ESvQeZxTNMWCADzTTG0wlNY6Y4z5ZCu3htOuBJiGfPkJE_WDZrMCAK_cil2U20-5BI-yAByBrpMCG7z9NeDpX67Xg8KgAe4oRlOSO2cCvipIpZQxg3SBhOYIYFyPi078G1Qx4eS_xE2fZ81v6FldcjtKFDDsS2f-1LSKHpJWiHuaUJubB3caQ6X2ectNJ0SmpGs-Go9cpAXx_qLO1CIbUna_m3KvgtGHDSUZTD3ftFQp9xlBfecY_CVT6ERbFQQA2L2003kUZBY8Pr9fE9PGQ_GhTp0q1GcI7PMPDEZ5-4-Xoh636uzoPTFfGXqWbWj92_WwkqmV9H4KjrG3HRNlt6CTXCpPz0kQx10-joAp6fpZ7UktCrIbhAl4x2BMwfbx8GKHTjHt3dNyQaiadK0qzC-NW-Etu6MrsExI5Q&sai=AMfl-YTBzflVqmV9eUM128gJ3ar8He_taByGk9RW9XD8_EWoWK7jcLDjIFk_1gvdtzdU6hj2HUVnXzw9aJ2UC77yTu8PfjLL6etXAPlYrZqsANZnHhI5XaxLT7bdNdRvKvUu-peNwEQ_dqNrpPpS_KLMS2Iw4YbYlEzPpfExg2Y&sig=Cg0ArKJSzNhA_oJyS7fREAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=367&vt=11&dtpt=204&dett=3&cstd=162&cisv=r20210720.32685&adurl=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame BAF1 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3rAuVF1nCLBjvIrnDkw-fZ2-pDSmejeRxGmtCAQ9CypCNFcLDzl_WL9zrBoJJiVoq4i-xSCovA-FG1LjutjSSz1zcuJxYqBlZJHLMlY06x92dHGDGJUJbeWYPksn69VU-nlogHQy4PzaDB2Ibz1IKEL4Sqw-PkIcLT-hQ4AR99wtpMiimVv21Zqf4i76pcgy__PvmP0Kc1PkJ0ovcvdth1svluQrYpUjfbYiFTqWRTa37msKwTt4MIWgCVsLH5bnu6EO-QYrsNrQZjw7ISaHAdrb4KGlJf4vSunVfUmHd0nWnOG2B-ejme6alcYz_7WwWNE-TCShJt4bK9DASJyM5WYC-3oA_bGce6_ymIPyBTlLY3Ji0u_O1pJ6-kTCrcU6poZy8MFTRXMhWAcGE9cjE78rqAu9YPJHOhJORmtiTfEeCi3oKtwmvAMWUjX6vN-dqn0QYlvAp_M1cg4OoxUz-6YHNrg36oPh--y0NPm-NLA050EKnw9rv5OBArDG1H7sDEqfatruquYf_58G4XIsA-1JmGKJcX7RwCk3TnX5LGb5YM6y4kXhOY2MM2znLHqoubZFCyFN8Ee3Ii6rt8G-BDiEC1BBCWmORAwpg5qzmo4VVngctjwIUjA1bAdyN3XxvfKyCiWjz6L7cR_TMXJvx3CoKx3CN-O7XACQyzi7hdIPt3nZ1bVtVugEfIXbCDtTg4mMwzYat_Hr8-V6q-qQAgcv0akSvZCAON2EGDrkDoTL4cox9fQLVH2qmyFQC3e_RWRETnTxZq_eTUo1ZbCoaEJiJLlJqsvAYqjeCPVhgvp-O5bzj5Mw6utAWvWacd42Ud0xRNp0fDr28-lvVB7V46NbybuYIaeu172FDAQRY-Td9hhFYLo18CgGvo6qmabKW4_i52dqw6oiQcmmGTMRngpAXrFGArU95KvdJC58VKyYU1r1d0BxnPE9XAc5bZoxJOsweG6_ZpTlG8imBbdOavRWv2_ZyRy3pippzdqxEONnGDjrzfyvfVqjeBlA9N9bsnkma-xnuGmSQaYs_DWLZdpDDLekCrBpVgQYqZd0XO0xArJubC7ZOt6KgiuXvJ-JTBfCs7mHVhEibfDpQ_pzQ0o3cBeVNQSLt57rDpcFFz76FVd_fizDcyRH5lnFh7PhqoD7XzRXx-BMAUpP-7dkj858WK42due5p207aBGwF7pgTIvq4lDfAUEs1mgBz8r5fABS6L3hUDorrlxgXeCqvDAnY6IAY8vL5XXoATRcfWqz73H9nd65EZb_v&sai=AMfl-YS9ks2Fk-dCQjBBwLu1CO_B9JFOuY_O2GsrzFvxSEGxU8knBjQUCzJ1DcwBq6RjwTCO0AqC9G9gsMuepaThoWXEvegfaENpglytU8TC-GplRxRMqn-Viqexm7wWPrEgPhm-vwPFdcDFEWp01Q1wk9yilBYzEg&sig=Cg0ArKJSzLZEOi49_etnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=509&vt=11&dtpt=314&dett=3&cstd=192&cisv=r20210720.28119&adurl=
Requested by
Host: www.creaders.net
URL: https://www.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame 4F5B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 15:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
85565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Jul 2022 15:24:07 GMT
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame B58B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 15:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
85565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Jul 2022 15:24:07 GMT
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame BAF1 		221 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb142e6b6863b30b8ab058283972e7aa12ca0bcd5acf9207a6a655108ac47705

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a007-dub-prod.krxd.net, cache-fra19141-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1627139412.241908,VS0,VE31
content-length
180
x-cache-hits
0, 0
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame 2BD6 		221 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb142e6b6863b30b8ab058283972e7aa12ca0bcd5acf9207a6a655108ac47705

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a007-dub-prod.krxd.net, cache-fra19141-FRA
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1627139412.332935,VS0,VE0
content-length
180
x-cache-hits
0, 1
optout_check
beacon.krxd.net/ Frame BAF1 		81 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.35.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-35-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a770784b5d7eebff5e89fd63b2fc8847b5f74a14f1c4b6b5035f2b9eea5071e3

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=32 t=1627139412
x-served-by
beacon-n010-dub-prod.krxd.net
content-type
text/javascript
cookiesyncendpoint
sync.aniview.com/ Frame 3194
Redirect Chain
  • https://sync.1rx.io/usersync2/selectmedia?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D13%26ke...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.137.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-137-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1627139412271-937113200172-008905-015-004233
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
set-cookie
2_C_13=OPTOUT; Path=/; Domain=aniview.com; Expires=Sun, 25 Jul 2021 15:10:12 GMT; Secure; SameSite=None 2_C_13=OPTOUT; Path=/; Expires=Sun, 25 Jul 2021 15:10:12 GMT; Secure; SameSite=None

Redirect headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=13&key=OPTOUT
etag
OPTOUT
cookiesyncendpoint
sync.aniview.com/ Frame 96FC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=36800e4a-7fee-40ba-bcb0-adf158f0815f&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D23%26...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.137.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-137-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1627139412271-937113200172-008905-015-004233
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
set-cookie
2_C_23=72b4d3c9-0d85-41ff-8307-89e84ad7a44b; Path=/; Domain=aniview.com; Expires=Sun, 25 Jul 2021 15:10:12 GMT; Secure; SameSite=None 2_C_23=72b4d3c9-0d85-41ff-8307-89e84ad7a44b; Path=/; Expires=Sun, 25 Jul 2021 15:10:12 GMT; Secure; SameSite=None

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=275654b9-cb65-4fe0-a8bc-670d14e9d5be|1627139412; Version=1; Expires=Sun, 24-Jul-2022 15:10:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=23&key=72b4d3c9-0d85-41ff-8307-89e84ad7a44b
date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
Cookie set usermatch
ssum.casalemedia.com/ Frame 2785 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4342098113d93daccced2c713c0d7f4ea3a1f3c37ddcf93bf6a5a074b0ffb858

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMRUM3=2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws; CMST=YPwtU2D8LVQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|46|156|88|31|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1861
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=2960fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&1f60fc2d5405a00&5860fc2d5405a0&f160fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&2e60fc2d5405a0&e660fc2d542760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 808B 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D1%26key%3D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
sync
pixel.advertising.com/ups/58253/ Frame 8978 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58253/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58253/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
ixmatch.html
js-sec.indexww.com/um/ Frame 28A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
spotx-pixel.js
play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/ Frame 632F 		417 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
X-GUploader-UploadID
ABg5-UxmXjmDN7d3Z5bQshR8ZLN-0Hl2KWVfD0EpTdz2c5wUxnDZGx_EZnNzga5Tv4WQrZRlVJsZKZ13_ceCCjpDBaivKn6pEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
417
Last-Modified
Sun, 26 Jul 2020 12:32:25 GMT
Server
UploadServer
ETag
"f70554e00ba53d6687836b60f833456e"
x-goog-hash
crc32c=bH2gjQ==
x-goog-generation
1595766745952958
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
417
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Sat, 24 Jul 2021 15:40:12 GMT
vast.xml
video-ads.rubiconproject.com/video/20598/277064/1384678/203/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/20598/277064/1384678/203/vast.xml?rp_schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,,CyberMedia%20Network%20Inc.,creaders.net&us_privacy=1---
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
1bccd50c35b7b28d408330d82e548cbb3ba900abc27dee0e5df129f2d5239fbc

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
992
Expires
Sat, 24 Jul 2021 15:10:12 GMT
3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpid=58fcbed1073ef420086c9d08&scpid=5c5bf265073ef44dbb3483fb
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-160-25.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3ab614ac79a31a4dfed818f08134ddf689b1307dda70186c3f584590f4067dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
970
expires
0
avpb3.js
player.selectmedia.asia/script/6.1/ Frame 632F 		282 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/avpb3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdvF1Y7SNk-aFpXWt86YLEeogYaBbO96qQO3uEYCijroD8SeXBpL96XLNojzbVwvbBfIk3BhNQgSAuh4b_L-sZCPGV3--A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
90379
Last-Modified
Wed, 14 Jul 2021 08:57:34 GMT
Server
UploadServer
ETag
"23919fad16ba2ca2bfd55694eeae525a"
Vary
Accept-Encoding
x-goog-hash
crc32c=AxQ1eQ==, md5=I5GfrRa6LKK/1VaU7q5SWg==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1626253054480425
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
90379
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sat, 24 Jul 2021 15:15:12 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=selectmedia&user_id=1627139412271-937113200172-008905-015-004233&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139412423&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5ed8e022ae612e7d4978d4fe%2C5f5e1c5ad1bb37468a36ee81%2C60ed8c214b5f003eaf39e55d%2C5c84e63128a06171521af324%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50%2C600e99e72b4eb7211b7a84b4&ofpr=%2C%2C%2C2.88%2C%2C0.9%2C%2C%2C1%2C0.9%2C0.9&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
optout_check
beacon.krxd.net/ Frame 2BD6 		81 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.35.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-35-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a770784b5d7eebff5e89fd63b2fc8847b5f74a14f1c4b6b5035f2b9eea5071e3

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=30 t=1627139412
x-served-by
beacon-n023-dub-prod.krxd.net
content-type
text/javascript
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame F005 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1216297344507822/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/1216297344507822/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:59:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
age
668
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:14:04 GMT
gtm.js
www.googletagmanager.com/ Frame 632F 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: play.selectmedia.asia
URL: https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f37b608dcd1ec1d867ba7926966ccde18a77113712c1544b4fb713a8bfc7f23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34804
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
avjp
select-d.openx.net/v/1.0/ 		106 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://select-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.creaders.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=da8d5dcc-6338-4c02-866a-543b1bb32905&nocache=1627139412518&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C3580cc3f024b449eaaf761e81ff28e9e_1723150101%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A336%2C%22h%22%3A189%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=541066203&vwd=336&vht=189&aumfs=900
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
via
1.1 google
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.creaders.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0d83d2ec376587699333924ffcbde5b7c95fff534cbc673d8aa8202b9eb851c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb6a126a-5a6e-48e3-b9a9-7d83d669b44f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
X-SpotX-Timing-Transform
0.000330
X-SpotX-Timing-SpotMarket
0.007297
X-SpotX-Timing-Page-Mux
0.000840
X-SpotX-Timing-Page-Require
0.000365
X-fe
118
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000038
X-SpotX-Timing-Page
0.012518
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000426
Last-Modified
Sat, 24 Jul 2021 15:10:12 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007297
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.003207
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139412524&pKey=385992761&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139412455050-353
Expires
Sat, 24 Jul 2021 15:10:12 GMT
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame DE02 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1924166856372953/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/1924166856372953/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:59:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
age
668
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:14:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 808B 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45640482&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame 2785
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZCQSJ6JFAVW0HV2KHF7N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
38BF8KZDMA8C04MRCXZD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2785
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2785 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPwtU7a51oJR9OeYghIdFAAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 2785 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookiesync
bttrack.com/pixel/ Frame 2785 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:09:41 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 2785
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YPwtVAADCsPbxwAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPwtVAADCsPbxwAC&gdpr=1&_test=YPwtVAADCsPbxwAC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPwtVAADCsPbxwAC&gdpr=1&_test=YPwtVAADCsPbxwAC
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627139413.735049,VS0,VE0
x-served-by
cache-fra19138-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPwtVAADCsPbxwAC&gdpr=1&_test=YPwtVAADCsPbxwAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
noop
px.owneriq.net/ Frame 2785
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6804258121256682580&uid=Q6804258121256682580&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
bridge
cm.adgrx.com/ Frame 2785 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 2785 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627139412271-937113200172-008905-015-004233&biddername=42&key=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627139412271-937113200172-008905-015-004233%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.137.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-137-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 69C2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85df7f4469e5f00f36d10ce607611f41b9b8ef95c67a188ddd7e0ee127548e8e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=2960fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&1f60fc2d5405a00&5860fc2d5405a0&f160fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&2e60fc2d5405a0&e660fc2d542760
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|130|3|4|8|40|196|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1369
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=4960fc2d5405a0&e660fc2d542760&2e60fc2d5405a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d5405a0&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&bc60fc2d5405a00&f160fc2d5405a0&0360fc2d5405a0&1f60fc2d5405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-NH3RQL3&cv=3&v=3&t=t&pid=561675304&rv=7l1&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-NH3RQL3&cv=3&v=3&t=t&pid=561675304&rv=7l1&es=1&e=gtm.init&eid=2&tc=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=3e701114-ec91-11eb-9ff2-17d925990306
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=3e701114-ec91-11eb-9ff2-17d925990306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
51
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
nginx
Location
/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=3e701114-ec91-11eb-9ff2-17d925990306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
4
Connection
keep-alive
Content-Length
0
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-NH3RQL3&cv=3&v=3&t=t&pid=561675304&rv=7l1&es=1&e=gtm.js&eid=3&tc=1&tr=1img&ti=1img&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-NH3RQL3&cv=3&v=3&t=t&pid=561675304&rv=7l1&es=1&e=gtm.dom&eid=4&tc=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quantumdex
sync.quantumdex.io/usersync/ Frame 10DC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7922672154ff022af02e6d75a0e6a8571eb08b2cbce621690e8fea1e73bf0fbf

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=4bd49bd3-1f05-4c18-9d3c-a610234af2ce; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7OhOwn3rBoxNCe0fXckJTnBAdctaQ9qaItUjMFgzLMzhDhJsg1qF8H3kynjNoMlcbyw5qEzmrqTrfVUpTMRtlksYS1f%2FUpSKugDhsXNUubldOH5m%2Bjg1bbqb0vca5YGmz%2Bw297WWJVtRWRaqK49gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f0fedd4e61-FRA
content-encoding
br
ixmatch.html
js-sec.indexww.com/um/ Frame F3CA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
quantumdex
sync.quantumdex.io/usersync/ Frame 308F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57eaa67a2c9cdfe71c19891dffdcfb9fbc5f1c17a02fe7a45cdfdfe9801e14cd

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=ce003ed2-5843-4d01-b31f-c039ae961d70; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM6LFeETDILsp7d%2F4wBTxHniWofDZ0bbAnQuzwtiDfZNpjm7yAFWoipZIBpI3VEZ791hGT1jbLT%2BssWswvlhXnUvyXM55C%2FX8P%2FwUJxAfr9jZ6%2BRL95RqjP2rLwLnDE4V7JoRkTnqc1RL3KzIzrUlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f0fee04e61-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58FC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
quantumdex
sync.quantumdex.io/usersync/ Frame BE08 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2f3e6ee515db3fe55eb05e4d6e16bb097f3a8a41b935bb7a6afd06aba12097

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=26747d17-d5a4-4f9c-8c48-87d2dd5f8e7d; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzEeQft9H7Gim%2BjEf76yWemeJEOXPHzkVmmYlwCoAh2cBiaUpc2LPgpmXn1XQ13nGrPCnown39Dq84g25uSzuJXfQ1WrubuhRnOy2Imm4IfirFYZ5ai3mUuIkLGzSpdJhSdgtVLCIr0A5RzgvEgUQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f0fed94e61-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 14E4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCDE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AA75 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 741B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
quantumdex
sync.quantumdex.io/usersync/ Frame 5BFE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8bfae0ca3a8628702d44b2a01d4ff535190eced3d6b13d04a2286689c955cc

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=2198730a-3aeb-4dca-b169-0064e66f0ce7; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouU7vvkclLw2K8RJMz8JGwP3jut7N9wo79H6NoCNeYAjxPJfRUMBLT47tMwqE%2FfeyHRGb4OGDt8NitebcKYmnmZxv0lfGxtZWiZ5auYS5d%2F%2BOsKyo674YvH%2FFCihkM5V7KMEz3zkgI3QC02WqklXxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f0fee14e61-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 2375 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dbaf4d67e022be6256304895a2b4adf590fb1d062a49a8de1e6c5c61e8364f4

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=7ebe1254-f24c-4cc7-8b27-71e84ff29320; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg1aHkhaXfJ1z4RxeyIrLglLEJ8xopvY%2BBYmDQj9yE0RqgNQsoy2HPNCgffR%2Fm2xCzVRixs8i%2F716XPXhSJ6p0VqkXBXxAwEa3%2B%2FHaojkaAnCGOzwRk9bqU75HpnicwrD%2FrtNxVcfCeWDJdGJttq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f0fee34e61-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD86 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 86D8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEA5 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
quantumdex
sync.quantumdex.io/usersync/ Frame 52C2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c8bb571e15fab5a171fb8d59bf83fa4aab2cc8d749d6c37915433e8b038460

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-type
text/html
set-cookie
uid=1ac80754-90f8-46a3-a597-5ad6d4940895; expires=Fri, 13 Aug 2021 15:10:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzfUIuIWxEfnX1%2BgHEa7dtPlRpPoIVMD3X%2F98vMHqHR5lvIeHTkgg42c5FSjPuintEGDd7ZP0sOGLMxgFblMVT8VgalYOYaiQxLzeInu3QyJkY3pCKeujOkevsW1%2B%2FgjkEH4xWDh%2Bh6nOFJlBu99IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
673e12f10f044e61-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 89CD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4587 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 951B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139412686&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C60ed8c214b5f003eaf39e55d%2C5ed8e022ae612e7d4978d4fe%2C5c84e63128a06171521af324&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-31032.js
video-ads.rubiconproject.com/video/ Frame 9B07 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 09:40:09 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"100d7-5bfd76a7cf040-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19979
activeview
pagead2.googlesyndication.com/pcs/ Frame E229 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5JbWt4zfsVoMRugkh7fWLJw7kZh1jwcD0LA4iY7n2g9JS_sMhruusTamAaFvatvwrhDT1BPQ3xaKOpbx_IUek2L9vl9wdMR-flz_HWjuV40ASFvXx8DsGX5zQrw&sai=AMfl-YQw_oZjHZ4GN6T-G0joJc2uSIp6ZJDwLZzSdWxduwfmYDAUwnmXKg90zz-CQGLs0ubwqfVNQxazlHds9blq8A5ojKO6FFgx8uyPir8kE231menP2xVctCk-1fmGHIi6&sig=Cg0ArKJSzI-VlG350p0CEAE&id=ampim&o=436,93&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1019&mtos=0,0,1019,1019,1019&tos=0,0,1019,0,0&tfs=340&tls=1359&g=100&h=100&tt=1359&r=v&avms=ampa&adk=1184491182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C24A 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1D5F 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2E3B 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F52A 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame F005 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1216297344507822/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/1216297344507822/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:59:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
age
655
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:14:17 GMT
YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 69C2 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YPwtU7a51oJR9OeYghIdFAAABFcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 69C2 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.144.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 69C2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:06 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:05 GMT
rum
dsum-sec.casalemedia.com/ Frame 69C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:12 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 69C2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=be7ba061-1f75-42b2-92c7-ccb01538df8d&expiration=1658675413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=be7ba061-1f75-42b2-92c7-ccb01538df8d&expiration=1658675413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=be7ba061-1f75-42b2-92c7-ccb01538df8d&expiration=1658675413
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 69C2
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:12 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
CookieIndex
rtb.adentifi.com/ Frame 69C2 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.1.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 69C2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1228
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame D72A
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
464308984606be2331248484562d7b7ae83f9507e23f2e935e0a9473866c597e

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=c2b82bf9-f4a9-47cb-a677-21d934d93ace
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 24 Jul 2021 15:10:13 GMT
pragma
no-cache

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=c2b82bf9-f4a9-47cb-a677-21d934d93ace; Path=/; Domain=eqads.com; Expires=Sun, 24 Oct 2021 15:10:13 GMT; Secure; SameSite=None
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-NH3RQL3&cv=3&v=3&t=t&pid=561675304&rv=7l1&es=1&e=gtm.load&eid=5&tc=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BD28 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW922CqhJxmIs6fIqk2gUh6-LPqKdE4lEe0b7mWeqnd7e-75ktuqQAVmZjcH0AF4ORk00grl44so3zOq5CQqipPOjv4pBo2-StTLJtMfyYyHtF2yaBVHGGtcddMg&sai=AMfl-YQakxQxp5CSgvQVSc3TuD1vUX4Wgrkbls4VgLd1JTvBvh_N2qR9w4tEAL0gQN3Zye5J-fHhpjonCKNHP7EAGSQatvmoSB_j9AMw9PyVv7xOMmLs6_W-Brk9lqLxWIF0&sig=Cg0ArKJSzH-ES_lqIFG6EAE&id=ampim&o=304,562&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1071&mtos=0,0,1071,1071,1071&tos=0,0,1071,0,0&tfs=293&tls=1364&g=100&h=100&tt=1364&r=v&avms=ampa&adk=4176071749
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6E24 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9775683faff710903803d4377742cff28335624d308702db15f06e44899c6d77

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|90|81|5|13|176|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1621
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=2960fc2d5405a0&b060fc2d5405a00&0460fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&c460fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&2e60fc2d5405a0&0860fc2d5405a00&e660fc2d542760&4960fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&0360fc2d5405a0&5160fc2d5405a0&5a60fc2d5405a0&0d60fc2d5405a0&bc60fc2d5405a00&f160fc2d5405a0&0560fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&ce60fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3E99 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
104a320d7ff3122abe595c9293215c8575331096ee97ca0db83f368242c5965e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|111|90|3|191|73|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1586
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=c460fc2d5405a0&2960fc2d5405a0&0460fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&2e60fc2d5405a0&0860fc2d5405a00&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0360fc2d5405a0&3360fc2d5405a0&5a60fc2d5405a0&bf60fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&ce60fc2d5405a0&f160fc2d5405a0&bc60fc2d5405a00&8260fc2d54a8c0&2860fc2d5405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F359 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b18f611c59ad7eccf9931546caf92fbbb442176f8ec4ea5404060ab999a302b6

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|111|81|64|5|4|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1329
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0860fc2d5405a00&2e60fc2d5405a0&e660fc2d542760&4060fc2d5405a0&6f60fc2d5405a0&4960fc2d5405a0&2960fc2d5405a0&9c60fc2d5405a00&0460fc2d5405a0&2760fc2d540b40&c460fc2d5405a0&bc60fc2d5405a00&f160fc2d5405a0&0560fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&ce60fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&0360fc2d5405a0&3360fc2d5405a0&5160fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7D35 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cbc620743fe2c95c204299c4e6969cde5385189907a84a2cc68ae55cafc96535

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|64|111|152|5|230|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1492
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=ce60fc2d5405a0&bc60fc2d5405a00&f160fc2d5405a0&0560fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&0360fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&2f60fc2d5405a0&2e60fc2d5405a0&0860fc2d5405a00&4060fc2d5405a0&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&c460fc2d5405a0&2960fc2d5405a0&9c60fc2d5405a00&0460fc2d5405a0&2760fc2d540b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 1E65 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81785ea4caed8d310fc8b5a5eb1c9b33154c47f5d9c76134a9420fc607cc61fe

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|64|90|218|152|51|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1502
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=8260fc2d54a8c0&2860fc2d5405a00&da60fc2d542760&f160fc2d5405a0&bc60fc2d5405a00&ce60fc2d5405a0&1f60fc2d5405a00&4160fc2d5405a0&3360fc2d5405a0&5a60fc2d5405a0&0360fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&9860fc2d5405a00&5860fc2d542760YPwtVAADCsPbxwAC&4960fc2d5405a0&0860fc2d5405a00&2e60fc2d5405a0&4060fc2d5405a0&e660fc2d542760&2760fc2d540b40&2960fc2d5405a0&0460fc2d5405a0&9c60fc2d5405a00&c460fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5AB8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9137161b9966c94959f6b3b452443fbaf62fc2c7ecd9bf9d50c917ef88c30dd5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=4960fc2d5405a0&e660fc2d542760&0860fc2d5405a00&2e60fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&c460fc2d5405a0&2760fc2d540b40&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&f160fc2d5405a0&bc60fc2d5405a00&0360fc2d5405a0&1f60fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|111|81|39|191|13|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1703
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=4160fc2d5405a0&1f60fc2d5405a00&0360fc2d5405a0&5160fc2d5405a0&bf60fc2d5405a0&0d60fc2d5405a0&f160fc2d5405a0&bc60fc2d5405a00&8260fc2d54a8c0&2860fc2d5405a00&ce60fc2d5405a0&2960fc2d5405a0&9c60fc2d5405a00&0460fc2d5405a0&2760fc2d540b40&c460fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0860fc2d5405a00&2e60fc2d5405a0&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf46923a-fde0-4033-9531-484e73f08dbb
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf46923a-fde0-4033-9531-484e73f08dbb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA%2BiuikPWIEMv2jQPAWsxR578IPFoed1OmO2Z4jWC8qQkoH5nAPpCE3nhKDBgVQUe7mC1OHtPzEJ2nabXMwgwgKFt8BK9y7ZCAwaO6JuCkyvIZ740mMKpTZDhexUiPn9VbQsPRHIGVtz2jX85Ai0DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3fced4e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F59AbJYAxnaHdrJLPLUMJ18RrLm3TrotYp7AyVCGNMZCEHYj%2B5%2FOEhPb0QkpIjgWJcGRNO2cjTj48vJ7Pmc1C%2BXibFW6e3p0Nu23tmsuDQqugfVUBrXU9Q%2BbbF1XK0P1OHwc4RS9cY%2B6p0o2nyU%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf46923a-fde0-4033-9531-484e73f08dbb
cf-ray
673e12f2dac44e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A71YhKVA7NTnHbZXpjVY1BBm0r9xsKh4Q9C4q45vC654q6kbo6w2Jfm5ujGXoZ37lwpOfRGrpi9g9R7rVOyhI72Qaqzhv9DKcgY05eTiVn8BeoFaZZCwOn5HOUBIK3D8458NRIvIE7dgttIPkSguDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f39c1a4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
672846f9-e3b4-40f8-ab05-887460f71c27
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-000da186-7a85-4a41-80e9-de9a85117753
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-000da186-7a85-4a41-80e9-de9a85117753
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBC9nRLHfupM8Gp3Ogwd7aMWJ6TC35T9F%2BNl4klrONpVVQIEFheaC84nTXjQsInXuwEeUE68HSsYegRmZC3QzjfyxP2RWMBOyqD9IlMhITetiOdSX%2F%2Bn8gJGtf7DIKfjA2pU0xCplAm6UB9RtEg%2F5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f54fd54e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-000da186-7a85-4a41-80e9-de9a85117753
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKzub1J7rqtzCtIGJmbFkTusBqqPbc%2FMURIaz5M2sPhz9QK6o8Zc16H5G1%2B%2B3iPnOgtXGhXp%2BTmQC3eV1lNKZcuAUMr%2Bhv%2BY0qpxiae%2F4mlAsL4eetfQpXV%2B%2F5QrROzCvOcvz%2FUs6WadVoKJZ9uGpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3fcee4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a93466f8-27c5-4df6-9e96-762d68f09bf4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlhEHbd3sRBzK6TzihkjBpzw2D7HJI%2BwUt7FF8Na1tViVn2%2FnTWpSDrHxcuPaX%2B0Itf%2BXt2hFC6n5gwFzntgM559tfBQV99rQ7MNHdNTUEZ2fBGXB5082I8EhQ9ZRukQO466%2Bg9JoGV18IZoIB380g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f39c2f4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
622f49c3-b412-4c48-9bab-93589e46b890
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAXDRbg5UI6BN06uw7eSyQQdf4nteTMSLRSdTiE7Dba99M4et9TTgPL%2FAbhxUVTLTlZM8drvXCl63UbZk0FuVEKyCHscCd%2FQtRQ9WUb6dAVmiVesec6nXWX0MKCqqpX8yxnwTtsiEkTsC9sYaBkt4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45df14e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
us
sync.go.sonobi.com/ Frame 10DC 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICq%2F0U0mPjVyMfoxcT8%2BIlXQYo3cvG%2Fd2o1zSFh2C0TqvTr6k0kSUZaz0yJmk9rzTQRO8SgklE0LmB%2Fo0%2FmiCMWWqePTTmcw1IBpmuyjGsVrIbkrbuDwVp%2FAJWOcthqcWmx95NaLYe1bItpxZU437w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3ac4f4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0%2BII91E9ehdJ5vFBKLhPGh74vleRGP4jlViSrtve6Yey5kBdewVcQrTbZtHjlsxbUfQYaJBPDqLB3vLVwynYJPg2cW9g9vtA6QFCcAgwR%2Fw8Vxq8byGZnNWRsCsxUD%2Ft03Q0yQNRE%2F93MsOnyrkCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45de24e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 10DC
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8c016aaa-0fc8-4a32-9edf-134565bf136e
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8c016aaa-0fc8-4a32-9edf-134565bf136e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3vfOfAd0Gg34gjbKupRXFjCoykmZIu1CHjcPLVdibCAdn6JGkY7BvXaNfrOIp4giCWM4dRHgF9oZ2G%2FyTQ3jdvqaIYwvsnmufLlAI2sdzV3MSTscs7lUjqKoeNgoWO6gBG4g3tkL0k0Y58yqNJqGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3ac494e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8c016aaa-0fc8-4a32-9edf-134565bf136e
date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame FD34 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66ab3e344dbbb39a998bbe298a2eac923b9f8080a865f716ad66649c8d86e8f3

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=2960fc2d5405a0&b060fc2d5405a00&0460fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&c460fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&2e60fc2d5405a0&0860fc2d5405a00&e660fc2d542760&4960fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&0360fc2d5405a0&5160fc2d5405a0&5a60fc2d5405a0&0d60fc2d5405a0&bc60fc2d5405a00&f160fc2d5405a0&0560fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&ce60fc2d5405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
64|111|105|47|4|41|65|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1390
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=0360fc2d5405a0&5160fc2d5405a0&6960fc2d5405a0&5a60fc2d5405a0&4160fc2d5405a0&2f60fc2d5405a0&1f60fc2d5405a00&ce60fc2d5405a0&0d60fc2d5405a0&f160fc2d5405a0&bc60fc2d5405a00&8260fc2d54a8c0&0560fc2d5405a0&2860fc2d5405a00&c460fc2d5405a0&2960fc2d5405a0&b060fc2d5405a00&9c60fc2d5405a00&0460fc2d5405a0&2760fc2d540b40&0860fc2d5405a00&2e60fc2d5405a0&4060fc2d5405a0&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
/
ssc-cms.33across.com/ps/ Frame 3BE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP004
date
Sat, 24 Jul 2021 15:10:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA5C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 47E3 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YPwtV; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 40B1 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RVU6OxK0BaACZkK%2Fkp8njxqOdxzWKH57Zm4TtzlvIcTw9wbnuBObbN%2BBzC4K8f6IJXBCF8%2FqQ0ZXcKX47kSaXEzwFU3QNFf2CNnpm2YN9jEOnUotor%2Fp49PJLtx2ae7L0tm9tr1MXTlroAsafPK5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f39c2d4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3230cd07-d11c-4ef0-b2ee-ee486bee913b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzLJNNrW6%2BpwoqlHjNLa8NRbIsATtfeLHQyHISkb8jQnIGqTWeC95FUrpOw2r3J14Fi9ZhWYHC%2Fo8flEwRdCVDtExQ197lu3qWA9GlkAOmBr0x4hkLX7EaTCqeizgHHJo18xCm7J3YNoHFsY%2F%2FKmRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3ac504e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zqZO9sAETJ8fB1h3FZHNNDIrTjoDaS8Zk2s4AIjTgevEr711jAmboFn5bq166W5X0Y9i4rzZTG6kR%2FQNbTbLq%2Bc0H4EMxyza2IC3bEvNY%2BHeLAFuXEJ8ktM6x6wxOtXBeacWjENeNylKm5DHWqUVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45dec4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzzyuNm%2Brag2dYijpoZPKRhvycuElJeUMLfXXihV4zXplEQ2za7z4W58e18ox%2Fu6fsKfyXOCWAS50XBRXc%2FC1LqSQEVyjhRGycGmIaPNtI17ILLQo2IC8uHNPI4jrWbFeLhfmej18u3duXiNyEby7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3ac4d4e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53888301-a8a4-4f41-85ea-3ef40825e77a
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53888301-a8a4-4f41-85ea-3ef40825e77a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcDN6yKhzdzloAMiV4%2BGKbw5vVllKmGs91WRvDhRNcoGfC3dyYPWNtLO80rjo%2BFv0UR5l4bdyfQvv0WdENlUGXIXKdv9ZD1Zs6s1x0kukBGlWGgKxZncSesueRk0V2ra0IRTV13OC9sbfB%2B5biapIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f43d7e4e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei0iLap8mypBUpC7LglwE2O4AfKR7WRrYq%2FgY5M%2FmwO4O5hUAirteiTMdQltAfikGXWefrz9WpHqVwzm32iCDw9TZuYwX1IBwh0qzWQ9DZnlOGY8U9XUUZGqBwDffNFIhT2wwuo%2BftkGtGKD%2BAQ%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53888301-a8a4-4f41-85ea-3ef40825e77a
cf-ray
673e12f2dac54e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuOowSQyBnkvYLW7czUW4NUGL9Bu5PT%2BcHIuxgjFN7ZP71f3aEI2WrPGsAHKcOCoJVkMR1blIKSdZAncaOlbC2InvXVfaq9BVoOyn%2FgyROeIx5MZQ1QJIfPId5T%2BV9Wl0Z%2F8x3KYQk5L4sj9ggpShA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3bc5d4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
df267089-63ee-4016-8de6-763957ba1be1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-eb4e3310-8088-462a-8a0d-9f5dca94d34a
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-eb4e3310-8088-462a-8a0d-9f5dca94d34a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nMnDwsXbuXXb%2FSw3XiGIcInlpaOa0FoVVMWcwzI6y%2FxTYQbdWEP5LXIZzSUwO9K%2FZkePibGdG1F2wFAKGm5sbzzamfydo8RA4%2BAx0Kv%2F1sd5JRjMIhShSdfXYeLeVDqiQdnNYDmfMxTSB0CZIqThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f54fd34e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-eb4e3310-8088-462a-8a0d-9f5dca94d34a
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJINV%2BLMDhh3%2FxXKUovZuRE5noZfLqNVcT1a9O52H9q17DTXeNZ8CIcGofOzNgwgyyvOK2zSkAyHxaXgSXVH1ph9dh8Bq7YRI%2B%2Fs4ErdJpm%2FASx2RhkhZJSriW91haA8sFiVZfPavryqiq2ErW3UXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3bc5a4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f6c0412-61ff-4fcd-9b9e-b1643f5c587e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame BE08
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3pT8ahffALWIYy3NMybVHwd4n3hKKw%2BpXLJNmkYrEpIkPANlRHizn%2BxPrltFlZMgk%2B5TzpI2bWo3yPXILq8OS0MdPka14EtzBpwShvDSvZvEiIy8J7%2Fivby61QZKiEdjqU6DAVsoP02efnjyTTngg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45df54e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
us
sync.go.sonobi.com/ Frame BE08 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ Frame FCCD 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9151 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0470bc16508fda8d0d1cb070413299d346c3d31583edb1968c44e5c36e28bfa5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=c460fc2d5405a0&2960fc2d5405a0&0460fc2d5405a0&9c60fc2d5405a00&2760fc2d540b40&2e60fc2d5405a0&0860fc2d5405a00&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0360fc2d5405a0&3360fc2d5405a0&5a60fc2d5405a0&bf60fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&ce60fc2d5405a0&f160fc2d5405a0&bc60fc2d5405a00&8260fc2d54a8c0&2860fc2d5405a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
64|81|47|176|46|3|39|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1573
Expires
Sat, 24 Jul 2021 15:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:12 GMT CMRUM3=b060fc2d5405a00&2960fc2d5405a0&9c60fc2d5405a00&0460fc2d5405a0&2760fc2d540b40&c460fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&2e60fc2d5405a0&0860fc2d5405a00&4060fc2d5405a0&e660fc2d542760&6f60fc2d5405a0&4960fc2d5405a0&4160fc2d5405a0&1f60fc2d5405a00&2f60fc2d5405a0&0360fc2d5405a0&3360fc2d5405a0&5160fc2d5405a0&bf60fc2d5405a0&6960fc2d5405a0&5a60fc2d5405a0&f160fc2d5405a0&bc60fc2d5405a00&8260fc2d54a8c0&2860fc2d5405a00&ce60fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:12 GMT
/
ssc-cms.33across.com/ps/ Frame 0548 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Sat, 24 Jul 2021 15:10:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D81D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55126
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:12 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 9987 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YPwtV; path=/; domain=.go.sonobi.com
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 55EE 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame C24A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame BA80 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1D5F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame D7A5 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame F52A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:12 GMT
us
sync.go.sonobi.com/ Frame 2375 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FVfUC96bXx7MIS98p6CbaKKwg%2FiDuetz4dK%2F9sm66GbfS9mVEkFDT49jvF1kVxo0tYH8sfo9HafH2EBerjJWsd2VlBNQl7FWsvU28mrwJyP8cC%2Bjcp8MHJXa9vdDplL0RX3X2A2N1AF%2FfuI%2FM3z%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3cc8d4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
1
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVCTJod52dYL2%2F6wxf%2BD%2FH7c7WHR6zWCBGDx0SCmTGgWZRq%2BIM5fnVrSfqgavtfkCIDjSINDendSg8To7vojTSQ%2BZleGQP47KL0YRtKj7jhI99RJWC1dVM9LkWvpiz08sQPkr4%2BdPfUPoTnD5iKzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f42d594e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr8GUMgSwR1jQCFIzmvOjENHzCGlqoIipEm8JHddL10wtg2JIrq7js3J%2BrFovEPW3rXlfbq228pgwHarYLzFWTnQ%2BHQD0pbpyJCm1Y1oc3yLLsadK9m94Q%2Bzt4p9Urv4RLczVnQ6ByiIJ1NZh4PkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f41d344e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
368abe9c-41e0-4d33-bbcb-e7366509e52d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du%2Bvk0Qaimq9%2BoIKC9LEZtSvSISiAQqvn9tKppzLvCi3ZJBEN9lS6kV%2FK5pEEFKLwrjFUiAq4rv0ksdsygiNDjo3RZut9PLak5C1vV1jBwntoFLLv4WJKuV2qHIYTXJqLXSo5lKL6S0lvXwoCFzTRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f3cc884e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=327bed14-e984-4ca6-b7f4-e4734e3997af
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=327bed14-e984-4ca6-b7f4-e4734e3997af
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqf4itj3aV8BpDV4cFecGG%2FJxYj39gPbdEFJGTrXkLBv91huw4ZwHAPatWXVZL%2Bzs4pfMl%2BWcJQsGhx5njoCSuD6kt3mTgN5DqgKLORHBVkaPJkpm0ernW7xPmR7IY4wwmlhdSgxwU8%2FH4e2BwmIcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4ced14e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OioAcU1V61QlXCvhitdN0%2BCDkY39fFMB7yUAbKnZfmQ8ZnkEJnVF%2F9%2FKqE3iU%2FJmV2AK%2BimYzllnRB7Em1biudczq4nQbBPNppe%2FB1CuuIVOW98zhl935GR1VF5UFnWma2NUDdh1%2BBGKPCU7zjs%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=327bed14-e984-4ca6-b7f4-e4734e3997af
cf-ray
673e12f33b784e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr4%2FEVsLcAiV9Gq5y0pf32vtfJENMPZKiWMEz367%2BG05NbXhTujlj0R00qa9k9mRNqRi9UIFUTMEW6GbLznxj%2Fi%2BcWn8JOEy9z6HC0Z2mXGTqH9udQO6%2FPSU0DyODOLHaFIN%2BsaBrPUzeS9bpSolgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f41d364e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
df6b476f-d832-4bd5-b9d6-a8afb0edd97e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-82503141-8fb8-4cac-82e7-ef281327e213
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-82503141-8fb8-4cac-82e7-ef281327e213
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SWtaS%2FO2vS1J8YwhMpQEx8P5gUmeZ2LlIJxTTauFeJ4CVMmabFW4jsqnDE7I72khRf%2FlwDoFI%2FYT15x%2FXXRt34T3g9r2S3Jb3XlQk8gbx0F2fIRyH07rdUlmjgHfKlnzhScZ2IVXzAci78toOOo%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f54fd64e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-82503141-8fb8-4cac-82e7-ef281327e213
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HO8hrBrqvy%2BpttRPf3rPBXwHTYOAXFundjE1T%2FI%2BiinORgfCSlVlFh0%2Fwmy7jzBlTIEjoXQ4dfq82OTEAoHMFfbzovojl1F0my9gWobVU%2BUKDwYfDkru%2FKmQq5qsBdyhFdz4jGU7F4as%2FaRpWi8tBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f42d454e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d13762fd-1c07-475d-90f5-05a9549f6ba6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2375
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96Lxk%2BS0RrcdlDPJA2zrFd4D43t0l7dnC3mnw%2FHm3Qp5sGN6WEosHEjar93v1vK447VmR4iAP13UkKoMz7ZSWR8BDV1oSwQ%2BAEFXQhSGnS%2FvpUtCK6O4ohz97%2FeQm7lKmVpgDloyMg1HGLrVyXivRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f49e894e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F560 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a19f4ea5e75cc96e6376eab7da0751d9471488b1382eacb0079aacc17e64321e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVQA; CMRUM3=8260fc2d54a8c0&2860fc2d5405a00&da60fc2d542760&f160fc2d5405a0&bc60fc2d5405a00&ce60fc2d5405a0&1f60fc2d5405a00&4160fc2d5405a0&3360fc2d5405a0&5a60fc2d5405a0&0360fc2d5405a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&9860fc2d5405a00&5860fc2d542760YPwtVAADCsPbxwAC&4960fc2d5405a0&0860fc2d5405a00&2e60fc2d5405a0&4060fc2d5405a0&e660fc2d542760&2760fc2d540b40&2960fc2d5405a0&0460fc2d5405a0&9c60fc2d5405a00&c460fc2d5405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
111|81|105|47|191|73|39|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1634
Expires
Sat, 24 Jul 2021 15:10:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMST=YPwtU2D8LVUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 15:10:13 GMT CMRUM3=ce60fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&bc60fc2d5405a00&f160fc2d5405a0&da60fc2d542760&bf60fc2d5505a0&6960fc2d5505a0&5a60fc2d5405a0&3360fc2d5405a0&5160fc2d5505a0&0360fc2d5405a0&1f60fc2d5405a00&2f60fc2d5505a0&4160fc2d5405a0&4960fc2d5505a0&6f60fc2d5505a0&e660fc2d542760&4060fc2d5405a0&2e60fc2d5405a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&c460fc2d5405a0&2760fc2d550b40&c360fc2d5505a00&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 2496 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YPwtW; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 5E48 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame BF63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP002
date
Sat, 24 Jul 2021 15:10:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4243 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55125
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:13 GMT
vary
Accept-Encoding
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame AD21 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2E3B 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:13 GMT
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWb%2Bvl74ckff9RckuOkshoN57M7pRGMJLdhRXUnwRQf9Wbp4ui2AaRfbJpFUQnJuOT54wASR9cgqcWaS50BoBS6k2%2BHok1TP4h53XBtiTXoe%2Fge74JbFfMBCqj%2BzTH%2FbufU%2BjcUjMfczJOnmNBeBZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45e0a4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUH%2FvbxSi7g9JPvsFh3R1%2FT2XfS1wQmCVCtsXwyby%2FjhoNsf86wtgBqZPEcOsHc6uqLMgItJIkBKtYTsY8rD1HyE6Vxo7AYvr57yz8E%2BB9OnLiK1ZMZCJaKlc8%2B%2B%2BEgTRNePb44fD34qQGHCklnhHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f42d574e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
00d3e450-1e06-438d-b936-06527112838d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 52C2 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRLySfHUIElzpxJRgu6HyFA96bXlhhbtnhsQg7y4Sd4e5UyLt%2Ffs2VoH1Ol6waIYGOJmwLxk5O0zNsl9%2BMr2%2By6zCDQtUIkjwbMeIDz5vgaY089DDaoaKkFQBxYVbFrG3%2FHeNj6aX0e39pR0F2EImQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f44d9b4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8opWC88NGSms4i8%2FyeQzUi5AyHVMDf5pL9gnbTyDS0YeJ00bT6ZzSRkt8KkTE1vuckwl7xIycx2SBd8uFb7TNBMH6HGwnBczuvzQPjf03zX61mGOQ0kIkpWfEfgM4EyMjWjJ9HQjt4Twq0TTTpHU2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f40d014e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATNDMd4YkUGEqSgTSEKzGWvYmdq%2Fa4hVSC6b94mxr1RXiEMxZzEUVfkVryJa5Buj7bf%2FXL6EnkwKTiCUKFbdeLLa3cO%2BJkEUZqV5BKxm0DZPSzCCTHUf%2BxZJe1Z%2FYigBC%2BBnKukpSRUn8zQx1ozKuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f40d004e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
date
Sat, 24 Jul 2021 15:10:13 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-626bd590-c77e-4928-a15c-a5a90c985b18
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-626bd590-c77e-4928-a15c-a5a90c985b18
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC%2FcUq6A6KlXxaO9NzwRxtnmUIcZbzjynU7yibcOJyIrX9ZZKn%2F7X6LPSj7ASKsYOvnWd55RxdH9DbF%2FUctwVn7hEFtXZ1eEND%2FbXta58zT2Q6kJVpKm3TnW%2FWcP5qtlLQyjLyiq4PbEXq652F5coA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f54fd94e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-626bd590-c77e-4928-a15c-a5a90c985b18
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fGxfCNLYade%2FbjtYD9pm8gAJgueAyMZR0m1eMXR9iKdFmomkKw5VCnqfIjdZpsI0TQNcHz9OrMJfaSLBxr3p5B0scGrdVgD3NDMuE13BN3kG1KRII%2FEggKjFaETewH%2FfyNyMItojYQXbNJ5fbiy2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f44d814e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivBKYhk6iSx8gSX1mOgBuae0j0fmJFtZYTq3eAywCeY457k0Uq3jb0%2BCzNiUw%2BjFDVTYNGvAiiZkNlJQKIq4ElwPhU1ai7zEXutmfgVfiM%2FV7NEHMosrJcz1soIbm9MGJh%2BgC%2F9QwQtHpW4kLhg%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
cf-ray
673e12f36bcc4e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOXMVIxYoMbZaIW6VBbXU5h4Bo8eO%2FkhRrwyFrcKO3kibsbAPldFhYDGPr5hgtYyCa9gtKlq%2FU%2BLA0h3wqdJ%2Bf%2FUh6Vfq0bHP3cTFmHqBYQKI0xmI9OrekW3deIyUjGbS3oYP55nM%2FomCR%2BEQNekDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f42d584e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
06bb1896-9bc3-4860-ae22-2f506e28acde
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 52C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV8EwmOiqciczKFzcgPDlpAxKPTkFzk1lxpzoWZTqYNgwEoTPzMYSu7AR6O9aoq2mTjdLizTnYf5pghVY4iZSckUvPZWdUjSRXhR1W1V3Vpd%2Bu6xdgM9RWxFqAvT4RVMbjYRGlrVS3PZvdrPBAR3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f44daf4e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f2c754d7-acd0-4b93-b651-796652f592b2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9CCA 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c6ee139d600a9345bfac69b4ef79df6dd5bb6034cf9d1f2877ec7fe0285be653

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVUA; CMRUM3=ce60fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&bc60fc2d5405a00&f160fc2d5405a0&da60fc2d542760&bf60fc2d5505a0&6960fc2d5505a0&5a60fc2d5405a0&3360fc2d5405a0&5160fc2d5505a0&0360fc2d5405a0&1f60fc2d5405a00&2f60fc2d5505a0&4160fc2d5405a0&4960fc2d5505a0&6f60fc2d5505a0&e660fc2d542760&4060fc2d5405a0&2e60fc2d5405a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&c460fc2d5405a0&2760fc2d550b40&c360fc2d5505a00&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
176|123|57|13|239|46|111|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1470
Expires
Sat, 24 Jul 2021 15:10:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMRUM3=5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&e660fc2d542760&4060fc2d5405a0&2e60fc2d5505a0&4960fc2d5505a0&9c60fc2d5405a00&b060fc2d5505a00&2960fc2d5405a0&2760fc2d550b40&f160fc2d5405a0&da60fc2d542760&2860fc2d5405a00&8260fc2d55a8c0&ce60fc2d5405a0&4160fc2d5405a0&2f60fc2d5505a0&1f60fc2d5405a00&0360fc2d5405a0&5a60fc2d5405a0&6960fc2d5505a0&3360fc2d5405a0&5160fc2d5505a0&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0860fc2d5405a00&6f60fc2d5505a0&0460fc2d5405a0&c360fc2d5505a00&c460fc2d5405a0&bc60fc2d5405a00&0d60fc2d5505a0&3960fc2d5505a0&7b60fc2d5505a00&bf60fc2d5505a0&ef60fc2d5505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 6B95 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YPwtW; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame ECDD 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 72AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP003
date
Sat, 24 Jul 2021 15:10:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 95D0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55125
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:13 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXdl9C%2BXAB6lW6zobF%2BCrMBdf33FeIToudGMCpB%2BEkhYY2SNQln98FoMOQo5vUiU35soBpcviq5%2FUZrEDS7UZnS2PZVrkfP%2Bxbp6nhhfqXk%2Bz8T33wyF%2Bv3wvE2Didj%2BnneuQvIzTL8WL%2Be45fa3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f42d534e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bD1McSgIB4LvIX%2BcVzSi1lifbEbT1khuVN3Y2Wsl4VgMV32tgh1OsX2SSTJXPyg4j76IS%2BTWx3nvkTOEJsH1Dqn%2FWXHoRj76rAvqeULTgyLhkugmJChJwg1RYRQJ%2FxOoXDpZXGtZ6o2fONPvO%2FxkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f45e064e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ce5a6124-46c8-437b-b419-a73d8841d726
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 5BFE 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMfla%2FRzjMwDy3e9GOEJZ%2F4spubzPD2nVmcN4bQy6rgFkktl7c9%2Bx8LnjWC7TqWM0416S6m3pwP7%2BgLRUsfhnDhuqvNP%2BhzyoafUdqmwQz81LeZy7QUJ4H3%2F2c%2F4MN46P6CQM1IkIqNR2nt1ZoYFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f40d044e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFHDo77jJOFiFzI30FDUc8aJ6bNR%2BOF%2Bdwii39KEp%2FFbQk0T4uXjYt8e8NUvrF7YBCbAI11nxdVxMh5rIQzeXDZlH1r6vYgm00pIL%2Bq3E0OCm56GrQ%2FyGks2fNSm%2BxHmzYgdCr1HiENkHgKAnWsmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f44da04e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxZv1NMYn0MfbRxyNHuwWE32X43ymMFBv%2Fhldy5KJUa3Rk0rkGNbJ6crorHnZiML3bePolOE2j77p%2BgsIsriPfGfB10Z7Y%2FSmyN8V7Yl6v53D387NwEK9hTCxBZI1g48ubpuR1RLwLbZt97s9mJiTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f40d034e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
date
Sat, 24 Jul 2021 15:10:13 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=03981cee-8bc9-41db-9702-d6ebfb39ed13
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=03981cee-8bc9-41db-9702-d6ebfb39ed13
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi%2BC0bKxv62NuGuNBMkomhKLGUdBh9%2FVxuqhmKfNtUuSmsGoGHnEj%2Bu1mO%2Fq2XI6ackfv%2BKlz71ZzthlLmXp%2F5zwyn72FPLgjhAZsRZyjuaia7SHPLuujOJFQ%2F867Yvdbky2l8cwqa%2BVZ5dj09fc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f53fbd4e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWwVY2%2BehGdRCY2Feil3LP%2BpGi%2B0HQf37Rn%2FJjh%2BCxs%2F3PKJwK6U%2BoOu9Sosy0Nl1VGYDFIBK%2FhrA6hDuIzdjNw%2BxLeoIMOxolh8OL9%2FGv9jRySB8ohHM1uBeZj0MQB1MVsHr6r6ZVbAYh3Nl1k%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=03981cee-8bc9-41db-9702-d6ebfb39ed13
cf-ray
673e12f37bec4e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBTxh36xmzVuUrghF4zfr%2Bh8aSpPpDY3GM9Wa%2BfnrL2gQFSu%2Bd4EwwE3kvIZ778TjrdXEin7y4rQbw%2FEAZPR4iuUs%2FE4C1oPrkXAmNwfI04dbOMBV35zfuqSeZKBOShy92Z%2BzG8d426YMWaWAH%2BGQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f53fb64e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c9ed36b-b0e5-4450-8053-def371167c20
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5aea36ad-3702-4feb-9da7-0f8a8da4259b
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5aea36ad-3702-4feb-9da7-0f8a8da4259b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRVzWpiDgj6yNfpnfyW9wE%2B0u5L8qKo0t%2Fwi8Us%2FVdoyEOGmdWAGD%2FzlSDtv%2BrwCv4BOxyqCH0sECQTGRzHIe9%2BiDB9ZVRHCvT1Dv9kclg101%2Blxcp%2FnNyxsIIxkNMYHH92OfM9JaffsXXdtE560HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f54fd84e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-5aea36ad-3702-4feb-9da7-0f8a8da4259b
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 5BFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2By6k%2FTHNuRudGjdtAcmc6jWQ5DPJ8i2Je9irof1Cb9oMdxMYXotztp97%2B%2BW9ApVUIVUF6zSY7FvNct60p32jgS4rtq8c%2F5QGI9HfGhzeExgjdioOU9bXbvIvlqH%2FVR9XUFcMSuwlZXZ5ivsBfdhiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f49e864e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
38346a2a-1ad9-4544-a686-c48a64093273
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 216D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55125
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:13 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E9FE 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
54ac672b001f99520008c1d7c5e5d54e30af66628550e4111f9a73ccc9ff1936

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVUA; CMRUM3=ce60fc2d5405a0&2860fc2d5405a00&8260fc2d54a8c0&bc60fc2d5405a00&f160fc2d5405a0&da60fc2d542760&bf60fc2d5505a0&6960fc2d5505a0&5a60fc2d5405a0&3360fc2d5405a0&5160fc2d5505a0&0360fc2d5405a0&1f60fc2d5405a00&2f60fc2d5505a0&4160fc2d5405a0&4960fc2d5505a0&6f60fc2d5505a0&e660fc2d542760&4060fc2d5405a0&2e60fc2d5405a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&c460fc2d5405a0&2760fc2d550b40&c360fc2d5505a00&9c60fc2d5405a00&0460fc2d5405a0&2960fc2d5405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
176|57|10|5|4|241|191|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1333
Expires
Sat, 24 Jul 2021 15:10:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMRUM3=c460fc2d5405a0&c360fc2d5505a00&0460fc2d5505a0&6f60fc2d5505a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0a60fc2d5527600&bf60fc2d5505a0&3960fc2d5505a0&0560fc2d5505a0&bc60fc2d5405a00&be60fc2d5505a0&2760fc2d550b40&2960fc2d5405a0&b060fc2d5505a00&9c60fc2d5405a00&4960fc2d5505a0&2e60fc2d5405a0&e660fc2d542760&4060fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&5160fc2d5505a0&3360fc2d5405a0&6960fc2d5505a0&5a60fc2d5405a0&0360fc2d5405a0&1f60fc2d5405a00&2f60fc2d5505a0&4160fc2d5405a0&ce60fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&da60fc2d542760&f160fc2d5505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame F939 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YPwtW; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 651D 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 8D83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP001
date
Sat, 24 Jul 2021 15:10:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAF1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTzho6W2xKuLWzIvMzkgUpYKNyae95RkJNPKzeDLSTrRE4g5lGN5-ANxZba6hPCKe2ctjbzsgVI3P7JSieccNzCjA8J3TAUvWgT_XJoGl2jvUiAR8ElSPBGDQ3jg&sai=AMfl-YTB_E8QOk8PUf5SKxonYA6t_vjhyqP3qul91gFVXen6H7N8CbBuhUWYSJ5UkDGcIwFVHG30UHTfIf_mcd1uQh8W0XOtcHyuDfaTV1qL36HJBnzzkMynbYhgkl4&sig=Cg0ArKJSzBprRkWfGJ3KEAE&cid=CAASEuRoXY2D-A-ohf-B5HTbyJIDgg&id=lidar2&mcvt=1118&p=489,986,539,1306&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1566529327&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627139411200&dlt=82&rpt=5&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpbABUy38YLvZIdWw3gOTlYmQDQAAAAA4AeAEAg&bg=!e3ileDzNAAbnC78O5ws7ACkAdvg8Wi3CKykT8hfiRENvSF6lgbdBsy1TRM10sBjraNEsFTA-egV4aQIAAAHAUgAAAGJoAQeZAsb3-kvGXM7_3bB75tMWwyZM40DgIfNEMHzoL3GkmYbbws-41lus6qt4P4JIViPx5DDfnGjQ9fWkRIQPyhfJxCZIW5Fj9GI5NkKAJbShGfW752fVN5WHS34BqyTK3fX00GhSf_fw9F87uZ9E3fninWw0Kpk49Innaa-Dzk4lObpeDICWolUTIiC0JCxRCJ4hZVXhi3b2eOqVL5W51iwdPg9pSbT0zAV2DsndLuoH91AX6nQa4cCeLZDhju4YQB04qxHR3hW67HGjVhRcDGjL-SpAhN8F62kKmyp0Gc6EZXwsGM9VhXN9RbmumiBgR6ag2QUcN9je7QFKWdjvuYViNIT7nYrDlp4v-dK4K-fnY0JwIaXwafCiAj4UZr2deACOaUTxNPiuXDq4kLfgV7QgI_4x9wh6zIB2gK6ruesvAgyg3BowzV8hKekbk6NPnkFRooXpAOp_U_lGztiBYbPkRbarGgVc6G0Du4ZLIKId6yQplEpYgs5VcTfCroQFSvhoAtnaj_KTaRvQGSE-VTxPhPD9lENW-X8xeopjIQKiuFys4bdWa1tojdJOk-CVXefS4r6WP1F4xXD8ZNbt34jeeaPOx7zwqLFJTB_S0kOK-CNgls9_Dx70RRuWbuKxFah_wzp_eNAEanJZVBwFMvnyHbEMxN8mrNfZTfpNHmJLMEshVdEQeA7O3LE7OWOCTOhGFQ_PPmTTbxxzs0LLExs_umj58w4ynw1U9tAl3zpPoHS9uyDLzmFkAFfY9T3I1FeYJFn_lUEbrWkFeAL-nsPJln-BDtJQAsZMLWodSmUDGQsW0zPVFFKSZy6uc8-eOHOJvVHOV1HXGVHOkpowCqljLbvSOS-tmpVkSGA7uBNhgn_4HnaLRAsBF_RHgO5OuH3_UJvfelSIxByCsw__tFzNV0TayH7krmSApCWSvDhpIsx8KnfDbAC3dw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F977 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshQUpWC5FSMQVGxgtGZWHh4OGLtgsj1Ffq-y3Snsu6HJpGBJkyu3IRLqTKRBWTvW8ro4Vl1l8Zf3RNljtMEv2ywjj9MTcDMIEyl_vRbcpO3SSKsR7f&sig=Cg0ArKJSzHKpydr6CKgNEAE&id=lidar2&mcvt=1102&p=0,288,1,289&mtos=1102,1102,1102,1102,1102&tos=1102,0,0,0,0&v=20210723&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1729793250&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627139411258&rpt=0&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9B07 		28 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&us_privacy=1---&account_id=20598&site_id=277064&zone_id=1384678&size_id=203&rp_schain=1.0,1!selectmedia.asia,5e3a966128a06134f417790e,1,,Mail%20Metro%20Media,mailonline.co.uk&p_window.depth=0&rf=https%3A%2F%2Fwww.creaders.net%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=336&p_aso.video.ext.ad.h=189&width=336&height=189&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8312407432273297&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-50-45.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.creaders.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2BD6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQWqVLKO_DSYy50UpYEy56bUoU97c4XyZ1pWF8uKe_BimylxAyhLcFUMWzCy7IDGsxKJY3YARxXCU3QrzobpxWcAll4IMijz-26nEL73dKVu60KYoK9kUQX6it8g&sai=AMfl-YRpKENsnQoDxWH-_1qhm0ZMtmaUyMqmIHhE4xbaTHgrZMFihjQrtWoBt02JYTkVFKr2rxDSTjS3ATdkcqHVbPlsOga9wMkQiBSWBaIKMXgqi9aSU5Zsca4gUUAcEacA&sig=Cg0ArKJSzIm3abbJ3yCqEAE&cid=CAASFeRoS3wdGW4KrpPZMocFysr7TZgRmQ&id=lidar2&mcvt=1086&p=704,996,954,1296&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=946318479&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627139411257&dlt=31&rpt=1&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B58B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu9NvUy38YKToJIzy3wO-no0wAAAAADgB4AQC&bg=!hYalhsLNAAbnC78O5ws7ACkAdvg8WuD9xFwMTuYF7DuUuRx6tcqaUu91R0ziJMy7XoRolH_09IZepwIAAAHPUgAAAKFoAQcKAHSamiLcIyMddAXQ0bazvGEEFHl-VeuVf2FDU77TvmQgv9gNZWnMpmE-59n9cxLkOWeZ15F8auU_2v1xUz8Iq2Us4jwBDwyFNeoYXZm9yW60ugfqRGvAQeACSeDsHb6Ktdeb8ITRlRdTUroHtak5wfa8lPlurJkC2s7VLcibo8C39n8pD1Tsbj5R8MVMonGPRT4CLd7OrBRvBVRoeYF2U2Xy0Hmmri4pSY1o-PzFw8ewPjBon8nACnJM0b4kNg4GonUPWAjPAqnQ5Ohv6uv05aytUnzHCMb-DYgfP9a3-mDswTAivI1VsZRPdMDQxtxpoDq6vi3CnmnX7R5I3FYP-GmS9M36HXBW1IXVLIPwV-z3ptSxZa0d6vLy8WCx_VqwvEBIkJ5Twzu-hJFYo0KXZJ0797yoaIO3VMobgWuYV6twX7J1r_307urnAh7M6Is-n6bs1uBibmqSpmd6Ui9_k_j2Pg94mLUM45d43HJXZ2Vu2T5x7HO57zmEB-M-Oug4vKKBeBhAbHsQb0SCdNGCKquvjUaCj1T_Mhga3rEYpjwkcBlP660qQSYoILQP2zPbXED--SZQzhz7IX48PT-Tt433kk6kn7nR5AzrOUSR3F8jgZbx8zlD5vy2xMFoD5M8lD-oP5UC_jy7NMNZb5l8sEscXedBhNOUQSZskwsTTdUh1b6m2x2gFbXSB-oX3bxHfHLedk9TKrk7H0tXF3hHD8XgX3IoIEjJyaj-MuUH9fHmZ2q5joHCRTq_Xxwq-EEWoSm3bxRU34DVmKE94Evd6NDTZRFRX-18KhVYXz6W1-dmNhZhmLTtueKTNA9D64JT2GVzLMc3uAWBIMjMGZ7Htarm322thBBXJY48RMI4cAvd8F_3SJMamTR-gBgk-_TtSQhQuZ6nMZPtdZxkoKXftX2qUbFgIO6jIrH2aYDORCzP1na8JBMUrpIv19XefYqzPwFyBk62atanxnEIC6aUD_nQmJOF42hqxIeuKgLAt3XpRHMTqNeEbU0UQrWL8MAfbDvJj844EwJygJHnjcG2-8i9EIzBIV_lj_7MrWAweSxmPjZd0AOqTZlzcuAs3qNu7-ziRoKO9v8vd94nUhkufmqIoU0J7qKnB5akIL7TQNRwo7Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wcGr4xNoCC67sl1XzWPq%2FL5h9Q1SXq%2FS2sZhj284shZkOp1HeU17dB9mQoQL87SalYP4tMejSLFwwl6lG%2BNGxohfLAEG6a%2BJT%2BIgYK%2F7RbwJDwnd8%2ByQPwLmvIbOJo8BG5A7wLq914Kd4LvHRLJsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f46e244e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9_jfxzZE2uEDztswNa3a94azUJpQCAwSNB1Unw0-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3e964384-ec91-11eb-b712-02e20520e836
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmMNwUJh87A%2BGXWaBSDJJMsux%2FfZxWaHsTwXVYW0LHUPI5qEfG8yJDgS8Poy3A9GuwSQA828qjN5KDlTygEq83VWGghqzPAepk2pfTcxsxB9066o%2B1rhO55ezCjyEHECjwZGa8HBCpF%2B%2BhfNlfII3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f52fb34e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3e964384-ec91-11eb-b712-02e20520e836
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCT6RTZNtg1BQFV%2Bm8kr8J4ldq7SjKvavGEWtw0ZCoNB2oBAHA18IX%2FqhyEaAU8LwhAC%2B9wnU81wyeHRVZFuHkbaMFCAN8LFnvut9ZGEh1VWCFUL4l2tAxtyfFTpCOeKtCd%2BvMTvYKDu2a3uvQcxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4bec44e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
64a46fab-c915-49a1-88ad-5048bc0a1060
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jpNOjTwYDv1VcOz5Ys7jZGn%2BFsu1oeG%2F0lOpQI2ygXn6OKQA3o7B5Sf7N0IA0gz%2BT%2FLodEifn3eCt3lCN01uxauMLrxwi4UzDbpY9cWZu5KhiUlW9UZHEoHiBwlXSTvUV2yxFRjiY6JyoEXUgranA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f46e284e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c9aed006-72af-4acf-9768-afa11676a2b7
date
Sat, 24 Jul 2021 15:10:13 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96AQVfH9ITrkEluf8FRtWcYnzI6sJ2TyVKpdLqlpt%2B6SIdnVXBk7F6y9%2BtbljC8xbIgif0%2FzIPfdGeM8UcjFOnT5enEL13TXOdin52J9XzqXig95R3bWXDrQikiFOJZAJMl3zz6NxVKCzPAoLJI%2BLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f5987c4e61-FRA
content-length
43

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXJzuCcA00fn4wPdhK0OEwr9asFYFcs4f55ekyvg8HZZspoBy9gjCwDPEo4Q56dE3YqdEJhtBDpwzKVC4KFMPSWAAisIY6Uay%2BYC%2FoXVDXvKrw2i0jt8hOTeSzZfEkrRP7npFuAg7M%2FwLRJYFWw%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=156f52ec-e85e-4887-9cb3-97b3c20f76e6
cf-ray
673e12f43d734e61-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtPOePBGai8fREdXkhUawcgOjTXM%2Bjl7p%2FLgp7gi%2BKodHPLbCbkS%2F0MiQCY5PuR%2BLNERIC2QuoQ6LgeOXUIRGPC7hlm1QE8UxS%2Be2%2FbUwTrmciqm%2FJdQjKhqj4ZbtPWb9MqkCUETLCaiCOmAFShZNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4ced04e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f8caec77-f8b9-4fe4-8180-7fff0a1a4bb8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f7a4194d-a87c-41f4-9545-9f9b7d4380ec
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f7a4194d-a87c-41f4-9545-9f9b7d4380ec
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyawVa15PaHD5ReVpR1vDhdaFd2pQ9mg0OkS47AmfvE8BhM01CjR%2BTBcYjEfJKV%2F%2BCLjJsH7XMIMWn%2Bf5a0BmH56mgCt6ud6TFJQuKT618UT4hrEUKMiPh7858i0NwWnCHBGbvbLXAxB9Ai5V4h8%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f568124e61-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f7a4194d-a87c-41f4-9545-9f9b7d4380ec
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoUB2ij9BEa3%2BxpV5qNJNBYwG7%2FWYrwVkBd6Q3pfIOniD2JFOA5cXMNj5rR7cmuGg98o1qndttW0BKUB5Z8Mm4Jplhp1QuOE%2F7%2FXeU5gdEVVGbmujt6HyS3ZA5yO4P92f7Wq4d%2BQoHstDxrXj7VxxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f52fa84e61-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4b9a1201-11ec-4170-91b3-b8a4dbb0e0d5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=164231991169914520
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 308F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeDq77YGqLLfEF4tZqP8I2%2BktCHASMRxfDSSOuSnyFhdgUFlpsb%2F7HRD%2BXZIA8SVByoJOFj2uucBu4t6nnfcC4Zk0goOKI2uQDdXSIORutDyc5al1WUDOzn7VXn2AfKMPH6lKM8XGGd4JuOdXSQaDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f52fac4e61-FRA
content-length
43

Redirect headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f502fe43bcb7831d32f89281
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
us
sync.go.sonobi.com/ Frame 308F 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 2C5D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ac6198e201a75af368e9365a077dfffbc90ea40cf1d17c680208a33b5019f4df

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3226; CMID=YPwtU7a51oJR9OeYghIdFAAA; CMPRO=1111; CMST=YPwtU2D8LVUA; CMRUM3=c460fc2d5405a0&c360fc2d5505a00&0460fc2d5505a0&6f60fc2d5505a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0a60fc2d5527600&bf60fc2d5505a0&3960fc2d5505a0&0560fc2d5505a0&bc60fc2d5405a00&be60fc2d5505a0&2760fc2d550b40&2960fc2d5405a0&b060fc2d5505a00&9c60fc2d5405a00&4960fc2d5505a0&2e60fc2d5405a0&e660fc2d542760&4060fc2d5405a0&5860fc2d542760YPwtVAADCsPbxwAC&9860fc2d5405a00&5160fc2d5505a0&3360fc2d5405a0&6960fc2d5505a0&5a60fc2d5405a0&0360fc2d5405a0&1f60fc2d5405a00&2f60fc2d5505a0&4160fc2d5405a0&ce60fc2d5405a0&8260fc2d54a8c0&2860fc2d5405a00&da60fc2d542760&f160fc2d5505a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
13|221|206|230|5|51|57|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1547
Expires
Sat, 24 Jul 2021 15:10:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YPwtU7a51oJR9OeYghIdFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMPRO=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Oct 2021 15:10:13 GMT CMRUM3=6f60fc2d5505a0&0860fc2d5405a00&2d60fc2d542760CAESEO_Ac-Lt9aFXZT7hgxExrws&0a60fc2d5527600&c460fc2d5405a0&c360fc2d5505a00&0460fc2d5505a0&dd60fc2d552760&3960fc2d5505a0&0560fc2d5505a0&0d60fc2d5505a0&bc60fc2d5405a00&bf60fc2d5505a0&4960fc2d5505a0&2e60fc2d5405a0&4060fc2d5405a0&e660fc2d552760&9860fc2d5405a00&5860fc2d542760YPwtVAADCsPbxwAC&be60fc2d5505a0&2760fc2d550b40&b060fc2d5505a00&2960fc2d5405a0&9c60fc2d5405a00&ce60fc2d5505a0&8260fc2d55a8c0&2860fc2d5405a00&da60fc2d542760&f160fc2d5505a0&3360fc2d5505a0&5160fc2d5505a0&5a60fc2d5405a0&6960fc2d5505a0&0360fc2d5405a0&2f60fc2d5505a0&1f60fc2d5405a00&4160fc2d5405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Jul 2022 15:10:13 GMT
/
onetag-sys.com/usync/ Frame 357D 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 8031 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP001
date
Sat, 24 Jul 2021 15:10:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B18 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=55125
expires
Sun, 25 Jul 2021 06:28:58 GMT
date
Sat, 24 Jul 2021 15:10:13 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame F9B3 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YPwtW; path=/; domain=.go.sonobi.com
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A474 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4914 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FE0F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8AC5 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6E24 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 6E24
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 6E24
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Jul 2021 15:10:13 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E24
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 6E24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 6E24
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d19feac799fd34&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d19feac799fd34&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d19feac799fd34&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
113
match.deepintent.com/usersync/ Frame 6E24 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-length
0
server
a
crum
dsum-sec.casalemedia.com/ Frame 6E24
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:06 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:05 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6E24 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3E99 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 3E99
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 3E99 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 3E99
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Jul 2021 15:10:13 GMT
crum
dsum-sec.casalemedia.com/ Frame 3E99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:06 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:05 GMT
index
dmp.brand-display.com/cm/api/ Frame 3E99 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
last-modified
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3E99 		43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YPwtU7a51oJR9OeYghIdFAAABFcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3E99 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3E99 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame F359 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame F359
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame F359 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame F359
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=_0b4SPsSqx_kR68TrxSzGKsXrx_kE6YZ-EG8TTPE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F359
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ix
ad4m.at/ad/sim/ Frame F359 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame F359
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
x.bidswitch.net/ Frame F359 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F359 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 7D35 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 7D35
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 7D35
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame 7D35 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7D35
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9d119dbe-bf0f-43db-9448-5a27d7c67924
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9d119dbe-bf0f-43db-9448-5a27d7c67924
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9d119dbe-bf0f-43db-9448-5a27d7c67924
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 7D35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usermatchredir
ssum-sec.casalemedia.com/ Frame 7D35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7D35
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7D35 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
rum
dsum-sec.casalemedia.com/ Frame FD34
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame FD34 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame FD34
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame FD34
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FD34
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame FD34 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame FD34
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
getuid
secure.adnxs.com/ Frame FD34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame FD34 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf%2Bf6A0WQ7%2F3hv8yqoRqLpukjSoHI6oYYCKA4K%2FW1INU3qwSZ9Zx2vCQYv5anjG%2BVK04%2FfCMmq1qi62aUdIfb4vCWfcjbOWPz3wdoUhzbUKxkmJ0xVWoQ5ABR4vbnRd%2BfLqUTMSeRymFf3Mh%2FoT%2FKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4bebc4e61-FRA
content-length
43
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5AB8 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 5AB8 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 5AB8 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5AB8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPwtU7a51oJR9OeYghIdFAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
index
dmp.brand-display.com/cm/api/ Frame 5AB8 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
last-modified
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
crum
dsum-sec.casalemedia.com/ Frame 5AB8
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d26cd93e505767&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d26cd93e505767&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403d26cd93e505767&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
getuid
secure.adnxs.com/ Frame 5AB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5AB8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
rum
dsum-sec.casalemedia.com/ Frame 9151
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 9151 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9151
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 9151 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-length
0
server
a
getuid
secure.adnxs.com/ Frame 9151 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 9151
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:06 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:05 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9151 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPwtU7a51oJR9OeYghIdFAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9151
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.0
content-length
76
setuid
sync.quantumdex.io/ Frame 9151 		43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSM2ojQLxUSkcz%2FrSP4Kw281RLwlqD5fwUAdx%2BIRXXA1ba0VucDJGnywOnFW6Vhqb5y5TnqBmCjgjz7MK7Kqok%2B5kE77xSs7HnuYZD0LoTA1n5qu5lvM8SFNVK8iuGsfZz27lPtjeifcxG9A6ygtDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4bec24e61-FRA
content-length
43
sync
ups.analytics.yahoo.com/ups/55940/ Frame 1E65 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 1E65
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627225813&gdpr=1
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 1E65
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1629731413
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 1E65
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

date
Sat, 24 Jul 2021 15:10:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD45E5673D1140C0BE47309827E5D454&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Jul 2021 15:10:13 GMT
ibs:dpid=23728&dpuuid=YPwtU7a51oJR9OeYghIdFAAA%261111
dpm.demdex.net/ Frame 1E65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.129.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 1E65
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5062e1fa-4e0b-40b9-96b5-baad7a14207e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5062e1fa-4e0b-40b9-96b5-baad7a14207e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5062e1fa-4e0b-40b9-96b5-baad7a14207e
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
x.bidswitch.net/ Frame 1E65 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
getuid
secure.adnxs.com/ Frame 1E65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1E65 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://www.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1227
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:30:40 GMT
match
c1.adform.net/serving/cookie/ Frame F560 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame F560 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F560
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame F560
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:12 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZJ6bduzg1M7ji45&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame F560 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
last-modified
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F560 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YPwtU7a51oJR9OeYghIdFAAABFcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F560 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YPwtU7a51oJR9OeYghIdFAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame F560
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c780b354-5724-4d7b-88f3-e4505134227e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c780b354-5724-4d7b-88f3-e4505134227e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c780b354-5724-4d7b-88f3-e4505134227e
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame F560 		43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLzPHWlyZgRUeZQG%2FVmEhX%2FN0cw5NzfM%2Ba8A29hnTpQDGLsDRGNtNQIzKXWv%2FbAjmVFeRDjRRsn3VVANQEQfkqwkuD5od99OxTZ72llm4A6GZRpRTi68TNoTXrnncp1vL2gHICxk4Di1wwnNNG2dXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f4ef244e61-FRA
content-length
43
async_usersync.html
acdn.adnxs.com/dmp/ Frame 786F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=164231991169914520; anj=dTM7k!M41.D>6NRF']wIg2GU%qgj2r!@wnfH8K6pQK`!5=E<*L5?%M-17MJ/Z-%cufmyC[dHtk@i-f/HAU(gT(..3K%nugO%v4VB%nn/y*2p58
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 21 Jul 2021 04:42:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 24 Jul 2021 15:10:13 GMT
Age
37631
X-Served-By
cache-lga21975-LGA, cache-fra19145-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 244425
X-Timer
S1627139413.320650,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E043 		668 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
c87dbec1c1b59d434478c670d5edd07b19765957174ab806f2fb3820ec4dd255

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=275654b9-cb65-4fe0-a8bc-670d14e9d5be|1627139412
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=275654b9-cb65-4fe0-a8bc-670d14e9d5be|1627139412; Version=1; Expires=Sun, 24-Jul-2022 15:10:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1627139413|gekin0vNiygu; Version=1; Expires=Sun, 08-Aug-2021 15:10:13 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 24 Jul 2021 15:10:13 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame EA0A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=60166
expires
Sun, 25 Jul 2021 07:52:59 GMT
date
Sat, 24 Jul 2021 15:10:13 GMT
vary
Accept-Encoding
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a936b685776b62023ffdfce1f7ccc63&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g012_6988510564868079559
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTkzNmI2ODU3NzZiNjIwMjNmZmRmY2UxZjdjY2M2Mw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTndGZouLhmlCaVyARYEbk&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a936b685776b62023ffdfce1f7ccc63&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-47ZQshZE2oOSgfoUwOMJowthspGb6AM6msYxqYP4~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=164231991169914520
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADUfk7B-FsAAE9uuup_KA&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPwtVAADCsPbxwAC&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=ZJ6bduzg1M7ji45&gdpr=0
0
0
113
match.deepintent.com/usersync/ Frame 9CCA 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
server
a
rum
dsum-sec.casalemedia.com/ Frame 9CCA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=W4s3sCoITIdwWXYJXJLbkZBMbR4
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=W4s3sCoITIdwWXYJXJLbkZBMbR4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=W4s3sCoITIdwWXYJXJLbkZBMbR4
Date
Sat, 24 Jul 2021 15:10:13 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 9CCA
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 9CCA
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403f043bccf66fccf&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403f043bccf66fccf&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403f043bccf66fccf&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
ping_match.gif
pm.w55c.net/ Frame 9CCA
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YPwtU7a51oJR9OeYghIdFAAA%261111&gdpr_consent=&us_privacy=&gdpr=1
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a936b685776b62023ffdfce1f7ccc63&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g047_6988510564868113648
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTkzNmI2ODU3NzZiNjIwMjNmZmRmY2UxZjdjY2M2Mw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBTndGZouLhmlCaVyARYEbk&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=164231991169914520
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a936b685776b62023ffdfce1f7ccc63&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-47ZQshZE2oOSgfoUwOMJowthspGb6AM6msYxqYP4~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB6SU7B-FsAAE9EZbuwlg&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPwtVAADCsPbxwAC&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2541304801777919633
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
0
0
getuid
secure.adnxs.com/ Frame 9CCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame 9CCA 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ie
match.prod.bidr.io/cookie-sync/ Frame 9CCA 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.144.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9CCA 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOOmbqV4L4dj%2FVVa5HcQi408PtUHcj5TqTjvTu1KTOIU0FTiXeCZcxA6OFRzP4I0t5rV4ltA8E3MBEDjxLDXytEeZf899hemK1piRpWvxwKVIXn127xI55kBDBdWHmKkBPpsFEt8MKDVBmof%2BEeDng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f52fa34e61-FRA
content-length
43
113
match.deepintent.com/usersync/ Frame E9FE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:12 GMT
content-length
0
server
a
crum
dsum-sec.casalemedia.com/ Frame E9FE
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827872676943449
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827872676943449
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827872676943449
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tum
ums.acuityplatform.com/ Frame E9FE 		0
0
ix
ad4m.at/ad/sim/ Frame E9FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame E9FE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8193421743655466862
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E9FE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A3J710YRR5ERA4AJ38F5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
161AXCR7732R3FSZWBSH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame E9FE 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
last-modified
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
getuid
ib.adnxs.com/ Frame E9FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame E9FE 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFmtUSLnQfGalZFfPyaqULRvjHoOILTgzR5MFqblH6AliFb3F7iMNzWv1aftVY%2FGl9zY2J6%2F7LFFXXl8GshVfCmJj4E%2FsqYmsFzK7KFSvFt6rGi72egNXmRC7QLieLvtjWAte%2FzJ8H%2FOQiHVgVPLtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f52fa94e61-FRA
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 2C5D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403696129d86128a2&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403696129d86128a2&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0681220403696129d86128a2&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Jul 2021 15:10:13 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
tpid=YPwtU7a51oJR9OeYghIdFAAA%261111
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 2C5D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.243
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPwtU7a51oJR9OeYghIdFAAA%261111?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.0.207
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 2C5D 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatchredir
ssum-sec.casalemedia.com/ Frame 2C5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3TVfuEdMkb-ds_du9t3b8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 2C5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame 2C5D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 2C5D
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878971852836304
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ie
match.prod.bidr.io/cookie-sync/ Frame 2C5D 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.144.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2C5D 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YPwtU7a51oJR9OeYghIdFAAABFcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5EgQ4vahCUSOb22wFbWi4q1IPfDD0s9NW37aVmxrJfmLlsWBOUVOhWyeDJAs9Y%2Fz%2BZt9t5EM5vrtZy0bb7KSEGsw27KvrG%2F%2BDY0wpB%2FaDhPsgV3YoPeoipH2P5KAgD27lbyP%2BL6YQ3KKLC02Ge%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
673e12f6195f4e61-FRA
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D72A 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=c2b82bf9-f4a9-47cb-a677-21d934d93ace&expiration=1635088213
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 15:10:13 GMT
sd
eu-u.openx.net/w/1.0/ Frame E043
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1fce60fc-2d54-4c00-94a5-14cec4f7c406
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 24 Jul 2021 15:13:06 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:05 GMT
sd
us-u.openx.net/w/1.0/ Frame E043
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=u6obo7_-SPSgq0z46_hQ8-_7TPSg_0XyvK3x26jz
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=u6obo7_-SPSgq0z46_hQ8-_7TPSg_0XyvK3x26jz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=u6obo7_-SPSgq0z46_hQ8-_7TPSg_0XyvK3x26jz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E043
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2541304801777919633
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2541304801777919633
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2541304801777919633
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame E043 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f4fa6be0-62e2-7017-f26a-afe570cee643&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E043 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDg5NWI4MmEtYWI5NS0yZWIzLWU3OGEtZjU1Y2JhMmMyODIz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E043
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENOCPcXSoMoK6kVYVjISJJw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENOCPcXSoMoK6kVYVjISJJw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENOCPcXSoMoK6kVYVjISJJw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
o2shim
acds.prod.vidible.tv/ Frame E354 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1206795&orgId=28230&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.creaders.net%2F&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&pblob=
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aac8560e1b5c328ff6e9d8036cd0a5759fff30973466e7df3df136fbfb827a60

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6637
ads
pagead2.googlesyndication.com/gampad/ Frame 55EE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1389180890547821&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2821420679&sdk_apis=2%2C8&sid=4A34EF36-03C4-421B-AEDD-F95016816481&eid=21064201%2C44737475&top=https%3A%2F%2Fwww.creaders.net%2F&loc=https%3A%2F%2Fwww.creaders.net%2F&dt=1627139413699&scor=566507844880158&ged=ve4_td1_tt1_pd1_la1000_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame BA80 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4038679914992905&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1883650415&sdk_apis=2%2C8&sid=3525127C-3AC0-415D-8EEB-65D66AA7D190&eid=44736153%2C44737475&top=https%3A%2F%2Fwww.creaders.net%2F&loc=https%3A%2F%2Fwww.creaders.net%2F&dt=1627139413706&scor=1532384615549739&ged=ve4_td1_tt1_pd1_la1000_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame D7A5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2Ftsm%2FS-TEST&description_url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=870394371191868&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=516321976&sdk_apis=2%2C8&sid=9D2FDA82-9960-4808-A5AD-A30376A935BD&eid=420706105&url=https%3A%2F%2Fwww.creaders.net%2F&dt=1627139413708&scor=3823882235451615&ged=ve4_td1_tt1_pd1_la1000_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame AD21 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=844515297715443&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3778340233&sdk_apis=2%2C8&sid=77687413-EF21-4E41-B466-83386F16EFA4&eid=44737473%2C44745939&dt=1627139413712&scor=1076381264826038&ged=ve4_td1_tt1_pd1_la1000_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame E354 		317 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1206795&orgId=28230&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.creaders.net%2F&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 22 Jul 2021 13:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180018
x-amz-server-side-encryption
AES256
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
content-length
104243
x-amz-id-2
cxFJRVAbxosMsOENdS9Fg9/Va9BaejP4A4Yat04S2SV+cAsvPm2uHE6vv1fdtxCEMphzAFqZG2c=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Mar 2021 05:09:03 GMT
server
ATS
etag
"ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-request-id
50QS1J97VPR4QJKE
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame E354 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5c6c7f1c17e0e151b5b9cb66&s=true&pv=10.2.63&ifr=true&cb=0.9817085776676795&pt=o2unit&sid=4eca4cda-e203-4f93-b41a-b5c5a821ab3f&r=https%3A%2F%2Fwww.creaders.net%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.66.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Sat, 24 Jul 2021 15:10:13 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
844FF664DE0AB17A
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9058
accept-ranges
bytes
content-length
44266
x-amz-id-2
KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=
local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame A26D 		2 KB
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn-ssl.vidible.tv
:scheme
https
:path
/prod/player/ad-time/local-storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

x-amz-id-2
6mYIVvBmpdvW8zcKge1GFq1Z6ifDG+3+gzKML+YJANngOpoocRzPIu0Mrn9qAOd2q3Veij9Vpds=
x-amz-request-id
5ZJG6FBVYCH4854E
date
Sun, 18 Jul 2021 00:39:03 GMT
last-modified
Wed, 19 Feb 2020 12:29:18 GMT
etag
"3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption
AES256
x-amz-version-id
null
accept-ranges
bytes
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
cache-control
max-age=1209600
age
570672
ats-carp-promotion
1
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
content-length
557
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=
ads-eu.v.ssp.yahoo.com/a/h/ Frame E354
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpi...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpid=58fcbed1073ef420086c9d08&scpid=5c5bf265073ef44dbb3483fb&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.creaders.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=189&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=1&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=336&a.y_rid=a3b98cf3-b4e5-4c3d-9e74-24a2e57d6ec7&a.is_yahoo=3&redirect_y=dHM9MTYyNzEzOTQxMzk0NS40NTA2ODQ6YXBpZD1VUDNlOTY0Mzg0LWVjOTEtMTFlYi1iNzEyLTAyZTIwNTIwZTgzNjpyZXF1ZXN0X2lkPWEzYjk4Y2YzLWI0ZTUtNGMzZC05ZTc0LTI0YTJlNTdkNmVjNw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.122.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.creaders.net
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/3pRrSx07Gk8Dl7mNKBWke3eC9D9nIm_aTuVZj2Zo7Wk=?cb=7139412421&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.creaders.net%2F&eov=eov&us_privacy=1---&scpid=58fcbed1073ef420086c9d08&scpid=5c5bf265073ef44dbb3483fb&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.creaders.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=189&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=1&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=336&a.y_rid=a3b98cf3-b4e5-4c3d-9e74-24a2e57d6ec7&a.is_yahoo=3&redirect_y=dHM9MTYyNzEzOTQxMzk0NS40NTA2ODQ6YXBpZD1VUDNlOTY0Mzg0LWVjOTEtMTFlYi1iNzEyLTAyZTIwNTIwZTgzNjpyZXF1ZXN0X2lkPWEzYjk4Y2YzLWI0ZTUtNGMzZC05ZTc0LTI0YTJlNTdkNmVjNw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
display.gif
trk.vidible.tv/trk/ Frame E354 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=5c6c7f1c17e0e151b5b9cb66&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.creaders.net%2F&s=true&sid=4eca4cda-e203-4f93-b41a-b5c5a821ab3f&vvuid=c06dfa15-bfa4-46a1-a7f1-284f721f4b98&orgId=28230&plcid=1206795&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&ab=0&dt=122&h=189&spaceid=793604934&w=336&cb=0.9444426130520167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.66.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Sat, 24 Jul 2021 15:10:13 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame E354 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=5c6c7f1c17e0e151b5b9cb66&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.creaders.net%2F&s=true&sid=4eca4cda-e203-4f93-b41a-b5c5a821ab3f&vvuid=c06dfa15-bfa4-46a1-a7f1-284f721f4b98&orgId=28230&plcid=1206795&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.8000955077975684
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.66.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Sat, 24 Jul 2021 15:10:13 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame E354 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5c6c7f1c17e0e151b5b9cb66&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.creaders.net%2F&s=true&sid=4eca4cda-e203-4f93-b41a-b5c5a821ab3f&vvuid=c06dfa15-bfa4-46a1-a7f1-284f721f4b98&orgId=28230&plcid=1206795&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=336&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=189&cb=0.7078941502502487
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.66.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Sat, 24 Jul 2021 15:10:13 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1627139414013&de=937660860157&d=103%3A-%3A-%3A-&bo=creaders.net&bd=creaders.net&f=0&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame E354 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5c6c7f1c17e0e151b5b9cb66&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.creaders.net%2F&s=true&sid=4eca4cda-e203-4f93-b41a-b5c5a821ab3f&vvuid=c06dfa15-bfa4-46a1-a7f1-284f721f4b98&orgId=28230&plcid=1206795&vrid=f89438b6-c7ea-4ca8-81df-9f8ba30d69f3&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=336&aert=79&ar=no&fo=0&ft=0&h=189&cb=0.9318251122743515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.66.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-66-105.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Sat, 24 Jul 2021 15:10:14 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139414031&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5f5e1c5ad1bb37468a36ee81%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50&ofpr=%2C%2C%2C2.88%2C0.9%2C1%2C0.9&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:14 GMT
X-SpotX-Timing-Transform
0.000335
X-SpotX-Timing-SpotMarket
0.006465
X-SpotX-Timing-Page-Mux
0.000765
X-SpotX-Timing-Page-Require
0.000279
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000037
X-SpotX-Timing-Page
0.010841
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000341
Last-Modified
Sat, 24 Jul 2021 15:10:14 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006465
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.002602
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139414035&pKey=386047570&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139413897063-416
Expires
Sat, 24 Jul 2021 15:10:14 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2f3ef2310c55584be488ee89c7058a5c655e80880713ba50d43af0dea0e0ec09
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:14 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
408b2008-dc56-428f-b45a-3b880b6f570f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139414084&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1CF0 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3C54 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6111 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 2732 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1CF0 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 17B9 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 3C54 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame FAEF 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6111 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5728 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A8F7 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7EDF 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 2732 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=333987297488554&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1812798532&sdk_apis=2%2C8&sid=41F1694F-98F5-4067-9BCD-2ED566B5FBB1&dt=1627139414369&scor=3244201621037880&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 17B9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1812622489535771&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1518259990&sdk_apis=2%2C8&sid=9D8B392F-B260-4286-99B4-31BF98BE4C1F&eid=40819804%2C44737475&top=https%3A%2F%2Fwww.creaders.net%2F&loc=https%3A%2F%2Fwww.creaders.net%2F&dt=1627139414373&scor=4449853843904368&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame FAEF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=962533071527804&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2777763784&sdk_apis=2%2C8&sid=3CED3F56-E568-4BC4-8BD3-8E39A551DBCD&eid=44725355&dt=1627139414375&scor=4079129145013417&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139414514&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5f5e1c5ad1bb37468a36ee81%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50&ofpr=%2C%2C%2C2.88%2C0.9%2C1%2C0.9&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a399cd2bf738ba63d80e58ad5febc7ae10699167bf01e364d67a30bc2317863e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:14 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
18ed81f2-0815-44d0-93e6-3c917e0d0e21
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:14 GMT
X-SpotX-Timing-Transform
0.000442
X-SpotX-Timing-SpotMarket
0.008197
X-SpotX-Timing-Page-Mux
0.001060
X-SpotX-Timing-Page-Require
0.000407
X-fe
039
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000037
X-SpotX-Timing-Page
0.014020
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000375
Last-Modified
Sat, 24 Jul 2021 15:10:14 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.008197
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.003486
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139414520&pKey=386052339&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139414530002-350
Expires
Sat, 24 Jul 2021 15:10:14 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139414571&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6E12 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1888 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 44C8 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 4519 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1888 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 8DF3 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 44C8 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 7165 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6E12 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:14 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 77A3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CF3C 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2016 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 4519 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3695765518316387&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=18233212&sdk_apis=2%2C8&sid=6EFC32DF-42DB-4527-8B4D-70D50653E22E&eid=44726392&dt=1627139414868&scor=52179839876308&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 8DF3 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3561212924743808&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3147168624&sdk_apis=2%2C8&sid=0EE2CD30-C666-4E8E-A9B0-14BB8F325280&eid=44736292&dt=1627139414871&scor=2911965913182086&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 7165 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=104520135468207&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2545846144&sdk_apis=2%2C8&sid=8D89B88E-022E-48CE-AD7C-8DDFCBF86A49&eid=44731964%2C44745938&dt=1627139414874&scor=626974493834664&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139414989&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5f5e1c5ad1bb37468a36ee81%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50&ofpr=%2C%2C%2C2.88%2C0.9%2C1%2C0.9&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139414993&pKey=386056403&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:15 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139414961015-572
Expires
Sat, 24 Jul 2021 15:10:15 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:15 GMT
X-SpotX-Timing-Transform
0.000588
X-SpotX-Timing-SpotMarket
0.006151
X-SpotX-Timing-Page-Mux
0.001071
X-SpotX-Timing-Page-Require
0.000425
X-fe
026
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.011458
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000521
Last-Modified
Sat, 24 Jul 2021 15:10:15 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006151
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.002661
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
dc917a0069a88df442ec168a8ffdf5d9789c4f25e94184458c07e281413a0d6c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:15 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c343cff8-f0bc-4d02-b6e1-20d5c347b2f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139415157&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0AF9 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F23A 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 00EE 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 806A 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame F23A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame E97C 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0AF9 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame E98D 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 00EE 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0142 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C329 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 404F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 806A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2797976712783315&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1897771398&sdk_apis=2%2C8&sid=8C7FEE8F-D312-4A03-82E8-BBE5BBD8888F&eid=21064201&dt=1627139415441&scor=3602743644539070&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame E97C 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2430607470005491&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1974450519&sdk_apis=2%2C8&sid=347165EC-E867-4F9A-B8AB-D70211F4B50D&eid=44725355%2C44740340&dt=1627139415445&scor=927670285736981&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame E98D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2985145299968956&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2577362757&sdk_apis=2%2C8&sid=D1D7695D-EA3B-40F6-9226-C1E2F49586A7&eid=44745939&dt=1627139415450&scor=1059314397175484&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139415549&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5f5e1c5ad1bb37468a36ee81%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50&ofpr=%2C%2C%2C2.88%2C0.9%2C1%2C0.9&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:15 GMT
X-SpotX-Timing-Transform
0.000930
X-SpotX-Timing-SpotMarket
0.006551
X-SpotX-Timing-Page-Mux
0.001027
X-SpotX-Timing-Page-Require
0.000302
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.011864
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000382
Last-Modified
Sat, 24 Jul 2021 15:10:15 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006551
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.002632
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139415552&pKey=386082225&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:15 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139415358033-377
Expires
Sat, 24 Jul 2021 15:10:15 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ffb971235f9578aeafc17b2b6994cdf446a448d50123cd879777e013ae8858a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:15 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6ca06bd9-daf3-435c-9399-f4750fccf585
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139415622&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 26F4 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 233A 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 89F1 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame C35A 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 26F4 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 3D9E 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 233A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 553D 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 89F1 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E1FA 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F36E 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D30 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Jul 2021 16:08:01 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame C35A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2014958704771360&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2543886895&sdk_apis=2%2C8&sid=19FEFA2D-612A-42B9-B304-14CEBD4D3F55&eid=418572006%2C44725355%2C44731965&dt=1627139415929&scor=2762642262163150&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 3D9E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=19836481775494&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=2057134677&sdk_apis=2%2C8&sid=FC66A5BD-13C3-4D65-B9BF-F2500182171D&dt=1627139415934&scor=3763483669840072&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 553D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.creaders.net%2F&url=https%3A%2F%2Fwww.creaders.net%2F&tfcd=0&npa=0&sz=336x189&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=792727956978596&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=4048575349&sdk_apis=2%2C8&sid=2ECBABFC-5EB6-42B7-9FD4-4AA087AD7A8D&eid=44736153%2C44737475&top=https%3A%2F%2Fwww.creaders.net%2F&loc=https%3A%2F%2Fwww.creaders.net%2F&dt=1627139415936&scor=3745466203351417&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1161.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame BCF9 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@40545708,9123388639535875176,0|0|0|0|0|0|0|0|0||0|1|409|32da3e3a152b4ba8b7154827a7e262a1_32da3e3a152b4ba8b7154827a7e262a1-1|||1|0|0|3Hydq5mtqB3i5nP9TebYOumn3tQYot-A0|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 02D4 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@40545708,1723153156722980413,0|0|0|0|0|0|0|0|0||0|1|409|139c3939363f420a80cc49dc3cfd8940_139c3939363f420a80cc49dc3cfd8940-1|||1|0|0|3Hydq5mtqB3i5nP9TebYOumn3tQYot-A0|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame EA0A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53022283&p=157512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5515e36257d2183a02cfe9847aab2530a7d6f00d7c7682013e5bd00d182f5dbf

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 1846 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=2541304801777919633
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2541304801777919633; expires=Wed, 22 Sep 2021 15:10:16 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
adx
match.prod.bidr.io/cookie-sync/ Frame 33C2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVWZrN0ItRnNBQUU5dXV1cF9LQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.144.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bitoIsSecure=ok; bito=AADUfk7B-FsAAE9uuup_KA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 24 Jul 2021 15:10:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 24 Jul 2021 15:10:16 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync.aspx
dis.criteo.com/dis/ Frame C917 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 24 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1552
x-powered-by
ASP.NET
date
Sat, 24 Jul 2021 15:10:16 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 17BF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3948205146
  • https://sync.1rx.io/usersync/tradedesk/e8bb80da-53a4-49d6-a3e8-dccd9415a15c
  • https://sync.targeting.unrulymedia.com/csync/RX-67f81162-52ee-49bd-b74e-faccff0dd637-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; chkChromeAb67Sec=1; DPSync3=1628294400%3A201_197%7C1627689600%3A164%7C1627171200%3A174; SyncRTB3=1627516800%3A216%7C1628294400%3A166_176_233_56_5_7_99_8_231_189_220_71_57_3_165_54_21_55_104_48_13_22_178%7C1627689600%3A2_223_38_15%7C1627948800%3A63%7C1628380800%3A35; KRTBCOOKIE_80=22987-CAESEJAFoB-r-a2zB4joSWrrEC4&KRTB&16514-CAESEJAFoB-r-a2zB4joSWrrEC4&KRTB&23025-CAESEJAFoB-r-a2zB4joSWrrEC4; PUBMDCID=3; KRTBCOOKIE_153=19420-XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx&KRTB&22979-XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx; KRTBCOOKIE_57=22776-164231991169914520; KRTBCOOKIE_188=3189-no-consent; SPugT=1627122939; KRTBCOOKIE_107=1471-uid:ZJ6bduzg1M7ji45; PugT=1627139416; KRTBCOOKIE_466=16530-e8ef7e9c-e62f-48cd-941c-242755d0c834&KRTB&23280-e8ef7e9c-e62f-48cd-941c-242755d0c834; KRTBCOOKIE_218=22978-YPwtVAADCsPbxwAC&KRTB&23194-YPwtVAADCsPbxwAC&KRTB&23209-YPwtVAADCsPbxwAC&KRTB&23244-YPwtVAADCsPbxwAC; KRTBCOOKIE_377=6810-e8bb80da-53a4-49d6-a3e8-dccd9415a15c&KRTB&22918-e8bb80da-53a4-49d6-a3e8-dccd9415a15c&KRTB&23031-e8bb80da-53a4-49d6-a3e8-dccd9415a15c; KRTBCOOKIE_391=22924-2541304801777919633&KRTB&23263-2541304801777919633; KRTBCOOKIE_22=14911-8193421743655466862; KRTBCOOKIE_27=16735-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&16736-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&23019-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&23114-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406; KRTBCOOKIE_860=16335-W4s3sCoITIdwWXYJXJLbkZBMbR4; KRTBCOOKIE_1074=22956-e_e7c6e370-6d0d-4d99-a04a-3bc26e2a97b8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-67f81162-52ee-49bd-b74e-faccff0dd637-003&KRTB&17107-RX-67f81162-52ee-49bd-b74e-faccff0dd637-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/ PugT=1627139416; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 23-Aug-2021 15:10:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/
x-lat
lhrpug015:0:432
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-67f81162-52ee-49bd-b74e-faccff0dd637-003%22%7D; path=/; expires=Sun, 24 Jul 2022 15:10:16 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67f81162-52ee-49bd-b74e-faccff0dd637-003
etag
RX67f8116252ee49bdb74efaccff0dd637003
141
match.deepintent.com/usersync/ Frame 83C7 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 24 Jul 2021 15:10:16 GMT
server
a
bridge
cm.adgrx.com/ Frame 48D7 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 24 Jul 2021 15:10:16 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
noop
px.owneriq.net/ Frame 5CA0
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
px.owneriq.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
si=Q6804258121256682580; p2=cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Jul 2021 15:10:16 GMT
Connection
keep-alive

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 24 Jul 2021 15:10:16 GMT
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 0522
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aYnoeUyKalVobWmaZcBV1BgWGrZaVWfkpVRk5GmyOC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aInseFqkaHbBykt9ZbxaVtlQEf1vhu86L1gpTBIaHdZaDGnu5cfBADs3XO4e7My6Mn03qSJWVYDk2mjsc8MgTH; path=/; domain=.tribalfusion.com; expires=Fri, 22-Oct-2021 15:10:16 GMT; SameSite=None; Secure; ANON_ID_old=aInseFqkaHbBykt9ZbxaVtlQEf1vhu86L1gpTBIaHdZaDGnu5cfBADs3XO4e7My6Mn03qSJWVYDk2mjsc8MgTH; path=/; domain=.tribalfusion.com; expires=Fri, 22-Oct-2021 15:10:16 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
673e130a6bc74e86-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
7
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aYnoeUyKalVobWmaZcBV1BgWGrZaVWfkpVRk5GmyOC; path=/; domain=.tribalfusion.com; expires=Fri, 22-Oct-2021 15:10:16 GMT; SameSite=None; Secure; ANON_ID_old=aYnoeUyKalVobWmaZcBV1BgWGrZaVWfkpVRk5GmyOC; path=/; domain=.tribalfusion.com; expires=Fri, 22-Oct-2021 15:10:16 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
673e130969214e86-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
usersync
match.bnmla.com/ Frame C883 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 24 Jul 2021 15:10:16 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 5504
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; chkChromeAb67Sec=1; DPSync3=1628294400%3A201_197%7C1627689600%3A164%7C1627171200%3A174; SyncRTB3=1627516800%3A216%7C1628294400%3A166_176_233_56_5_7_99_8_231_189_220_71_57_3_165_54_21_55_104_48_13_22_178%7C1627689600%3A2_223_38_15%7C1627948800%3A63%7C1628380800%3A35; KRTBCOOKIE_80=22987-CAESEJAFoB-r-a2zB4joSWrrEC4&KRTB&16514-CAESEJAFoB-r-a2zB4joSWrrEC4&KRTB&23025-CAESEJAFoB-r-a2zB4joSWrrEC4; PUBMDCID=3; KRTBCOOKIE_153=19420-XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx&KRTB&22979-XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx; KRTBCOOKIE_57=22776-164231991169914520; KRTBCOOKIE_188=3189-no-consent; SPugT=1627122939; KRTBCOOKIE_107=1471-uid:ZJ6bduzg1M7ji45; PugT=1627139416; KRTBCOOKIE_466=16530-e8ef7e9c-e62f-48cd-941c-242755d0c834&KRTB&23280-e8ef7e9c-e62f-48cd-941c-242755d0c834; KRTBCOOKIE_218=22978-YPwtVAADCsPbxwAC&KRTB&23194-YPwtVAADCsPbxwAC&KRTB&23209-YPwtVAADCsPbxwAC&KRTB&23244-YPwtVAADCsPbxwAC; KRTBCOOKIE_377=6810-e8bb80da-53a4-49d6-a3e8-dccd9415a15c&KRTB&22918-e8bb80da-53a4-49d6-a3e8-dccd9415a15c&KRTB&23031-e8bb80da-53a4-49d6-a3e8-dccd9415a15c; KRTBCOOKIE_391=22924-2541304801777919633&KRTB&23263-2541304801777919633; KRTBCOOKIE_22=14911-8193421743655466862; KRTBCOOKIE_27=16735-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&16736-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&23019-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&KRTB&23114-uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-W4s3sCoITIdwWXYJXJLbkZBMbR4; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/ PugT=1627139416; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 23-Aug-2021 15:10:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/
x-lat
lhrpug003:0:574
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sat, 24 Jul 2021 15:10:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=W4s3sCoITIdwWXYJXJLbkZBMbR4
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 07DC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
42 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72; chkChromeAb67Sec=1; DPSync3=1628294400%3A201_197%7C1627689600%3A164%7C1627171200%3A174; SyncRTB3=1627516800%3A216%7C1628294400%3A166_176_233_56_5_7_99_8_231_189_220_71_57_3_165_54_21_55_104_48_13_22_178%7C1627689600%3A2_223_38_15%7C1627948800%3A63%7C1628380800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 24 Jul 2021 15:10:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:ZJ6bduzg1M7ji45; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/ PugT=1627139416; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 23-Aug-2021 15:10:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 15:10:16 GMT; path=/
x-lat
lhrpug002:0:503
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 24 Jul 2021 15:10:15 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZJ6bduzg1M7ji45&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=ZJ6bduzg1M7ji45; Domain=.w55c.net; Expires=Wed, 24-Aug-2022 15:10:16 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 23-Aug-2021 15:10:16 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=604800; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oh5gpX46QzOevaVM0Bxacg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55122
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 25 Jul 2021 06:28:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame EA0A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1fce60fc-2d54-4c00-94a5-14cec4f7c406
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 10:35:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Jul 2021 15:13:09 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1fce60fc-2d54-4c00-94a5-14cec4f7c406
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:08 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ExRTYwQTUtN0UzQS00MzMzLTlFQkQtQTU0Q0QwMUM1QTcy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:294
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJAFoB-r-a2zB4joSWrrEC4&google_cver=1
42 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJAFoB-r-a2zB4joSWrrEC4&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJAFoB-r-a2zB4joSWrrEC4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EA0A 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 23 Jul 2021 15:10:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8193421743655466862&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8193421743655466862&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:521
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8193421743655466862&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPwtVAADCsPbxwAC&gdpr=0&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPwtVAADCsPbxwAC&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:326
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627139417.531883,VS0,VE0
x-served-by
cache-fra19138-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPwtVAADCsPbxwAC&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:496
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8bb80da-53a4-49d6-a3e8-dccd9415a15c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:498
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Jul 2021 15:13:09 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1fce60fc-2d54-4c00-94a5-14cec4f7c406&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Jul 2021 15:13:08 GMT
3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EA0A 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hXXqBnlE2uUrkr0SwMfNpBYFB6YH0h8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hXXqBnlE2uUrkr0SwMfNpBYFB6YH0h8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 10:34:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Jul 2021 15:10:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hXXqBnlE2uUrkr0SwMfNpBYFB6YH0h8-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164231991169914520&gdpr=0&gdpr_consent=
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164231991169914520&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:415
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f3bb424c-66ac-48ea-9118-017e8e1ea770
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164231991169914520&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame EA0A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3A1E60A5-7E3A-4333-9EBD-A54CD01C5A72&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame EA0A 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.1.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40ee637d-ec91-11eb-b318-299400e2b4a7&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40ee637d-ec91-11eb-b318-299400e2b4a7&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:443
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40ee637d-ec91-11eb-b318-299400e2b4a7&gdpr=0&gdpr_consent=
Date
Sat, 24 Jul 2021 15:10:16 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
40ee637e-ec91-11eb-b318-299400e2b4a7
Pug
image2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx
42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:355
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XB04SVhJax5HHG8SDE9zGQhMbx5HSGYYWxoZNFCx
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:369
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame EA0A
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_E0BA0AD2_13F012661&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.67.14.233 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-310126217; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:16 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-310126217; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 24 Jul 2021 15:10:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:525
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2541304801777919633&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8ef7e9c-e62f-48cd-941c-242755d0c834&gdpr=&gdpr_consent=&gdpr_pd=
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8ef7e9c-e62f-48cd-941c-242755d0c834&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:377
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8ef7e9c-e62f-48cd-941c-242755d0c834&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e7c6e370-6d0d-4d99-a04a-3bc26e2a97b8
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e7c6e370-6d0d-4d99-a04a-3bc26e2a97b8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:523
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e7c6e370-6d0d-4d99-a04a-3bc26e2a97b8
date
Sat, 24 Jul 2021 15:10:16 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame EA0A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2541304801777919633
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2541304801777919633
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 15:10:16 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2541304801777919633
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pubmatic
sync.resetdigital.co/csync/ Frame EA0A 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame EA0A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 10:34:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame DE02 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1924166856372953/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/1924166856372953/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:59:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
age
663
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:14:17 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Jul 2021 15:10:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627139421032&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C6072f3e14b528f118570488a%2C5f5e1c5ad1bb37468a36ee81%2C60ed8c214b5f003eaf39e55d%2C6010520e530a6a6d3a2981f6%2C5fda3fe5a9b87c514940be50&ofpr=%2C%2C%2C2.88%2C0.9%2C%2C1%2C0.9&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Jul 2021 15:10:21 GMT
X-SpotX-Timing-Transform
0.000294
X-SpotX-Timing-SpotMarket
0.005839
X-SpotX-Timing-Page-Mux
0.002145
X-SpotX-Timing-Page-Require
0.000301
X-fe
115
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.011137
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000313
Last-Modified
Sat, 24 Jul 2021 15:10:21 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005839
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.creaders.net
X-SpotX-Timing-Page-Misc
0.002208
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.creaders.net
date
Sat, 24 Jul 2021 15:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1017b6139db8b60b1a9ca7600693863bbb8c92f4299532145272b625faf6c808
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:21 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3e078f71-3cdf-4036-93c3-ef2984dee61a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627139421046&pKey=386881750&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fwww.creaders.net%2F&playerSize=336x189
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 15:10:21 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627139420837096-377
Expires
Sat, 24 Jul 2021 15:10:21 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.creaders.net&rs=www.creaders.net&sid=92225&t=1627139412&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627139412271-937113200172-008905-015-004233&cha=0.7&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=87645830624&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627139421133&asid=60ab6a54ad27207be82fbf34%2C608947e2747cc640e41606e8%2C60dd6f9902c08b42ba4fa816%2C60ed8c214b5f003eaf39e55d&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.188.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D205 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 47CF 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CB2B 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D644 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame CCF0 		64 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D205 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 611F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 47CF 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame DCD0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CB2B 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 24 Jul 2021 15:10:21 GMT
bridge3.472.0_en.html
imasdk.googleapis.com/js/core/ Frame 431F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194367
date
Fri, 23 Jul 2021 07:35:00 GMT
expires
Sat, 23 Jul 2022 07:35:00 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
113721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D644 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 633E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGA_IYcMkPniNrJCt3yTDRU&google_cver=1&google_push=AYg5qPKOEiPjq6w-1NbKlLL1TsD7xVbSGKHDTwl1-hzQBUHlZLa1qY3XlW3CMvdu5CzCDDA5Uembv2N5Itljzq5INsi1-d51yrQo
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=ZJ6bduzg1M7ji45&gdpr=0
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=8
Domain
sync.resetdigital.co
URL
https://sync.resetdigital.co:10001/csync/pubmatic
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| get_flash_code function| get_image_code function| decode_string function| show_large_ad function| c_bq function| setHomepage object| googletag object| _VLIOBJ object| vitag number| interval_img_focus function| img_focus_show string| tpl_host function| langTo function| newsnlink function| langlink function| set_site_foot string| font_style object| firebase object| firebaseConfig string| vapidKey function| is_local undefined| messaging object| _atrk_opts object| _qevents string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| $link object| lc object| ggeac object| google_js_reporting_queue function| atrk boolean| _atrk_fired object| regeneratorRuntime string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| __tcfapiui object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| $sf function| vlPlayer function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid boolean| apstagLOADED object| apstag object| Criteo string| pubcidCookie object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| aniplayerPos object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105 function| avPlayer object| storageAni object| freewheelssp_cache object| closure_lm_545621 object| closure_lm_665630 object| closure_lm_270463 object| closure_lm_487585 undefined| moatApiInit1627139413927 undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA string| prop object| callbacks object| time object| closure_lm_735424 object| closure_lm_29469 object| closure_lm_633631 object| closure_lm_120310 object| closure_lm_774414 object| closure_lm_721825 object| closure_lm_592055 object| closure_lm_57126 object| closure_lm_682993 object| closure_lm_408443 object| closure_lm_739752 object| closure_lm_705433

10 Cookies

Domain/Path Name / Value
www.creaders.net/ Name: _pubcid
Value: 8ba8a493-1995-449d-ae60-3f269320bb2f
www.creaders.net/ Name: sf_ck_tst
Value: test
www.creaders.net/ Name: __vliIPL
Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1627146609077}
.creaders.net/ Name: __auc
Value: 68aff78f17ad911048a1a7ce886
.creaders.net/ Name: __asc
Value: 68aff78f17ad911048a1a7ce886
.creaders.net/ Name: __utma
Value: 77545162.1620888283.1627139409.1627139409.1627139409.1
.creaders.net/ Name: __utmb
Value: 77545162.1.10.1627139409
.creaders.net/ Name: __utmt
Value: 1
.creaders.net/ Name: __utmz
Value: 77545162.1627139409.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.creaders.net/ Name: __utmc
Value: 77545162

8 Console Messages

Source Level URL
Text
console-api error URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.creaders.net/
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.creaders.net/
console-api info URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.creaders.net/
console-api warning URL: https://player.hb.selectmedia.asia/prebidlink/451983/hb_310028_7816.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&us_privacy=1---&account_id=20598&site_id=277064&zone_id=1384678&size_id=203&rp_schain=1.0,1!selectmedia.asia,5e3a966128a06134f417790e,1,,Mail Metro Media,mailonline.co.uk&p_window.depth=0&rf=https%3A%2F%2Fwww.creaders.net%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=336&p_aso.video.ext.ad.h=189&width=336&height=189&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8312407432273297&rp_secure=1
console-api error URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52)
Message:
17:10:14.020 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api error URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52)
Message:
17:10:14.020 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

46c0b90557540ba54505ae62795657b2.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.bilsyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
biltag.bilsyndication.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.jsdelivr.net
cdn.krxd.net
certify.alexametrics.com
classified.creaders.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
consumer.krxd.net
creaders.net
d.adroll.com
d31qbv1cthcecs.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i1.ytimg.com
ib.adnxs-simple.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
play.selectmedia.asia
player.hb.selectmedia.asia
player.selectmedia.asia
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.ad.smaato.net
prod-m-node-3113.ssp.yahoo.com
pub.creaders.net
pubmatic-match.dotomi.com
px.moatads.com
px.owneriq.net
px.vliplatform.com
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
s1.adform.net
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
select-d.openx.net
service.idsync.analytics.yahoo.com
services.bilsyndication.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.bilsyndication.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
targeting.unrulymedia.com
tg1.selectmedia.asia
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
track1.aniview.com
trk.vidible.tv
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
video-ads.rubiconproject.com
www.bcbay.com
www.creaders.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
google2waycm.netmng.com
pagead2.googlesyndication.com
pm.w55c.net
s0.2mdn.net
sync.resetdigital.co
ums.acuityplatform.com
104.111.230.142
104.111.242.53
13.226.132.202
13.226.145.121
13.226.145.27
13.248.242.197
135.125.8.70
142.250.185.226
142.250.186.162
142.250.74.194
147.75.38.124
151.101.13.108
151.101.14.133
151.101.14.49
169.197.150.8
169.50.137.190
178.162.133.149
178.250.2.131
178.250.2.151
18.156.0.31
18.157.50.45
18.197.47.23
18.198.122.231
18.214.137.90
18.233.75.25
184.31.84.150
185.183.112.155
185.184.8.65
185.29.135.233
185.33.223.178
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
185.86.137.121
185.94.180.124
185.94.180.125
192.132.33.46
193.0.160.129
2.18.233.180
2.18.234.21
2.18.234.233
2.18.235.40
2001:678:cb4:bbbb::11
208.100.17.171
209.54.176.128
213.174.135.2
213.19.147.43
213.19.147.45
216.52.2.19
2600:9000:2182:600:6:44e3:f8c0:93a1
2606:4700:10::6816:1758
2606:4700:10::ac43:1faa
2606:4700:20::681a:34e
2606:4700:20::681a:ad1
2606:4700:21::681b:cf5c
2606:4700::6812:c05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:bb19
2a02:26f0:6c00::210:bb90
2a02:fa8:8806:13::1400
2a04:4e42:3::485
3.123.143.157
3.124.169.141
3.125.166.75
3.126.56.137
3.17.33.216
34.196.122.10
34.234.42.43
34.251.129.229
34.252.144.15
34.253.109.165
34.96.105.8
34.98.64.218
35.155.48.17
35.156.66.105
35.157.246.167
35.169.188.209
35.186.253.211
35.241.40.233
35.244.174.68
37.157.3.30
37.157.6.236
37.157.6.242
37.252.173.22
38.27.122.158
38.67.14.233
46.249.52.248
51.89.9.254
52.202.1.196
52.208.210.171
52.21.104.248
52.211.35.237
52.43.79.19
52.59.115.28
52.59.160.25
54.155.16.196
54.155.97.90
54.175.198.118
54.195.94.143
54.205.198.81
54.86.120.215
66.155.71.149
72.251.241.204
002a6fa48c585fca7e50e045ce91b80a118b07457b25e1602641fc9a4c2d45d1
0072a3a862389db85f24f67f091c866d9463e44875051ece740a44b619280cee
0470bc16508fda8d0d1cb070413299d346c3d31583edb1968c44e5c36e28bfa5
0547a98cb218fc60f0468504673281defe0a8e794d0dc697b3fd3aa8786cf091
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f80e3b87267a19fa46516c4f82a9cfcab2f36135b4cde43effcd95bfaab07d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d83d2ec376587699333924ffcbde5b7c95fff534cbc673d8aa8202b9eb851c1
0dbaf4d67e022be6256304895a2b4adf590fb1d062a49a8de1e6c5c61e8364f4
0e549932d532ca069860e7cc3cf485876afd1bb39743bc1d1dd1f0655b06de95
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ef53677e97b7c0aaa68a9d7e0c3632641480ed0fb28d1982cd0dbca61a55346
1017b6139db8b60b1a9ca7600693863bbb8c92f4299532145272b625faf6c808
104a320d7ff3122abe595c9293215c8575331096ee97ca0db83f368242c5965e
10beb873ddc2cc683bdbad94b7c7b45d74a027839a3d873f6d02426d60504ce7
10df7379ffc33c4cf072840c897e8b3f6e87f8543a1df1375d82f7ec4164a7fd
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
15041f040659f865ea1cb112668c29472c8d93f6e5c8233a30819985fc073890
15d102746c4da4e0c776010d065962a5f3dbfbc5f03865314f1530bdf6b4ef1d
1613a478e45ae5bde3a1194205480a0d7e6b47c836183ac6b19349a37435c6ad
16577cc348968e231e815b799812d1fdcb2910f86d3537fa629d5ff992a82da2
169e287de6de0ea6fd6cd284692ad26928fb71bcf5d2a4a34b04a7ec6e6caaab
17b8d0d4aabc9b7a75a333761b1fe300d0f80bc9c020d6027eae51b01a625efc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a39fa8228d7195b5478fe8419c4a3be15e8c068a683828af381dbee1e36c25c
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1bccd50c35b7b28d408330d82e548cbb3ba900abc27dee0e5df129f2d5239fbc
1c1c2fb8251cd4ed4384912ee1dd9aa7c73528f8410617b565f74b465499e389
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1fcebc65378127dcae7f9c0a31f33cc54684e58f86567e30bbaff729faff65e1
2208cd7900e5a497710b2e5919a1a0fc92f572648f7a9d68cc4c58fd1583c380
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
25b7ae9d6f881e70694991c49cae6715fad05c4d42548e2363b3ec78e4ccc68c
26281de9d9ef67a4eac7eb0100f56b1ed24999558bf8660280c008a5f2a886d6
26f1a57969d05fecb478ee217d9081b71f9d35edb845543a614526b2774c77b0
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2a816d136e932bbd05bbe8ce3f2ac076916a8abe1976a00db221dd810b12e906
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3ad0ffe6ce43c17ea893eef15fb5e5949ccdd71fcce39454ef371f3cbb6d53
2f3ef2310c55584be488ee89c7058a5c655e80880713ba50d43af0dea0e0ec09
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff416c434af5e274fe51fcd3f0109ffb3d923bcb8c3250dcf313ddb3d11fa5a
3057e4797ae51dec49204b6ef7c9e99e8d1af52d8173ae4a88c6ba1aa9d26021
3121ee737d5b1419cc35390fe043cf5bc48e46c6e1a4527b945a49ffb2576a7c
316078c9c98848eb48d06360d56148d3419d912a7889b750ebe7e310ed0e55a6
31b18c64d3272ecdfbe93930616e404b10f6d3bd521815b80ff79b84fb4539d9
32c8dd1d72a4f93f0411f68958bad24d76bb0e40919a77dd35adefde01401373
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34993aa6f2e1b56eebaf1437f6afe32d7b779212ec156fc95203bab1d91193d1
351a745c10af52d961465031b81e91d084e19db1730aedc23b2a6ae125e722ce
367cb91efdca4f425e00118528ffd75f0bddad4db20ed0c586bc2215b8f2346f
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39ffa56a2c8c9cffa875a8f164cd6409f76c2115dcc3284b3317b8f1f8ea1a70
3ad21ecb119a3ccf137d9bcfef30d2cb0a08f8008c63b72a76111d836515a4cd
3b75a8397ac1524344170247685676db74881aedaae13c0e0000ec4e15c96fd7
3c52aef242e88834472324417677bc47aacae78240b66eeb82de3ebeedd422b3
3cf4ec2c9486db2bb547fb336e04528a5e520dc84b34b04e9530810e8771a210
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd6197f07c4b2e086660eb18fd8f4501e2f5bbd62f083a693f211f72d0006b8
4193b0180d41a0f6a602b649d503494cbc5d12df13630b3405abbaf78fb06e5f
42367582650e007d32a2231366a01ac5d6f3ccfa4cb0b490f7f630fb30d40785
4319ca234a58b1be83026e7cd72dee5af80d3f1b22dc523a7fc1528d768f81ce
4342098113d93daccced2c713c0d7f4ea3a1f3c37ddcf93bf6a5a074b0ffb858
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
43f0fceee5f0937838e3818c0bb4f30a4e919474d0f9afb01c1d1a3e3efac60e
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
464308984606be2331248484562d7b7ae83f9507e23f2e935e0a9473866c597e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
477c95d16842ab51488b2fa32f814bddae042d8176e240392b195d69bc3d3e07
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8588ea60d7b61e4a34d0540ec30b96f6e045014e754e652502dad337c15d08
4d564bba73f5a1c63365d9932513b309ccea6df6950d00c86d0da3c95a50ca2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
536407a4dce35818b35f3f7d25b86e9b409e36bbc76b5f22779f61f915b2f84c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f0a09105985bc90ccabdd296ce7597542f5b0a9773fd22c37702a9006903ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ac672b001f99520008c1d7c5e5d54e30af66628550e4111f9a73ccc9ff1936
5515e36257d2183a02cfe9847aab2530a7d6f00d7c7682013e5bd00d182f5dbf
5592988a29cee9506afa716931d7c70cf1c6cb31fd845c1b065d1cb3cdd00575
574789b690b8f2547eb09dac4183f5d5434179c3fa79b552815a2a6b52421597
57eaa67a2c9cdfe71c19891dffdcfb9fbc5f1c17a02fe7a45cdfdfe9801e14cd
5879a6975321f9889e11f2e7df15af36a5f15cc3bdeb6766c16a695df787cb53
5887f8cae644b0876cffbbf57e903d42e60cb21a2f1a0bc6b43851b9a3853285
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59e4f5a70ba9fd3a18d0caf761d18d86465ef122383f18eff5dcfa528d403fc8
5b92d134eadcf2a7a746799aca9cccb620f19f85f859bae109ee8ba2b2f07fd3
5baedaeb2bf41d2d78af92d0afff2bf9c958bdf1e7c9a41d1c21b179bb5f9b36
5cb972406dc51d45d861b71f045404cec3a7b6b130c535b4aebc2c410b7f8e03
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e3597698e5ac7b02a149e71721a736fc661a1bc9ec3438b786ffc46919e81b1
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
64c14581dfec4a200e6d8c06b13358d9bdbdbf855b70a7407380d8f2ecbc76aa
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
66ab3e344dbbb39a998bbe298a2eac923b9f8080a865f716ad66649c8d86e8f3
6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d
677ec686791006ac01c8c67c130b7d8ec1a0b4c7e46d710dc63940895a781fa0
68fb5d546df3374e0cff9e507bb2aa51ffa7416bec3e18e511acbbd05ca664d1
697241f0613aba33ce129179e734f16240c0079a7ccca812ea7524d0f739bdbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c8bfae0ca3a8628702d44b2a01d4ff535190eced3d6b13d04a2286689c955cc
70bc35b02a019fb9e475e118a4ce5aca7b13b24cf8f5d35e1429126d4c05f256
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
72b78947407222874e235aa268f3fc6bb5ae0453387756ca9145ea6b9af9911b
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7383ac38ae458ef58c0ba59e7ba47457fc0aab3befda09d9cec812b113c8101d
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
74486198c7c6848c0f3e02ce7cedfce968005a10ce2853739694e50bc6039ea9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74739df3c58f8fb7002319f4fcb33d8f578c87f092e5ca6f5cbd16a0e5bb65ad
75314311d903d5d7ef64dddb034f7ab809450d8507f1c5f16924d68e3a24abba
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
76e137defb4f92fc08db6eba7d2ce3f644be937f86489d2058be54a4bf6cc81f
77228ed1579a971963b804765b4a00016d90a6822311a790a56ea7604368bccc
7922672154ff022af02e6d75a0e6a8571eb08b2cbce621690e8fea1e73bf0fbf
79816a5804a05c4eabdb8ccfb69ce175dc92eb4a78ff06ca7cd0c96a47f66864
79d97b9efbdbb018dec45548585e4e20035b82d5e87ccae0f91538073d3f3b08
79f6e9c50512e949d072128ffcd0e0784a2b12c7161a22fedb0077ad833d665b
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7b4983b4be2f7da714ab16a624990dc48eee5ab968148216fa4a7805b167099c
7b7869492a8206ce4a88e4205fcdfe2dde1a0f6f88d6f5f1bb97df56e883513a
7bbac4123b9f3bc5aba633a37b6065921f1ca36deffa2aa945818a281d044285
7c0e6d9eddc635a248c7da2a1f9cf2156ee7cb550168c6259690f2dbaf9f464d
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fabb6e86e0405cfb84f133ff9356d6c0654c80dfd5f853b62b1980ae7508daa
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8135669297c22b1da54eaf629ebfd3c3f9c4819247af21677c6f4894866f3756
81785ea4caed8d310fc8b5a5eb1c9b33154c47f5d9c76134a9420fc607cc61fe
81de6ebae506642942c5be4b7242bb0eb6a9d12a1ddf38df505fe553a4cad7de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
841a55b863462cb4a06baa9a6ca0a0825258f940ba7234c4bffa18fa593bf229
842f769e119a4f1a82ede582f94b02114b2c022e5e10175ebd0607c22f08858f
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
85df7f4469e5f00f36d10ce607611f41b9b8ef95c67a188ddd7e0ee127548e8e
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab012389d1b12626da748e65b685bc4daa9365522985221abcc9a3122b0991d
8ae00306163f7447a84f0aec568e63420a54926d6b4a42da2a001b839fd8c594
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8e7a24d39696f203b4eaf83f0cb2539eac81422bd5533cf62eb44f7e8005ae
8ef7a457619d34da427c420e6e709edea156e1687920cea0444d5189924e88f6
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
9137161b9966c94959f6b3b452443fbaf62fc2c7ecd9bf9d50c917ef88c30dd5
92c900b26f9601f203bf6ee859b4fc0aee6c57752a6337cbf0050c06035139ff
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
9489961d15c685237a3987206533b9d49bdfce9ca6fc67e3a48c2d37267a5fad
95753bb6752d427886c6b05db06a94c0b9846f9de377e55b78104f75b665258c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9775683faff710903803d4377742cff28335624d308702db15f06e44899c6d77
98081f31a7e5ed4057cbc01c9a5249dfb2c59ab00acf366fe75e96657365b089
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c4b93ecd434377d2d62c3cffa4801c83130794a58433eb8195cf5259ea909c
9a7c4ac02d7eac182af036b2e0f9c8df358db63ef036db3a626449b265500e9d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b06a7d56906a19a7c72820bc3c88cfa2092a3eb6ba47b3858b238e135a4e653
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a19f4ea5e75cc96e6376eab7da0751d9471488b1382eacb0079aacc17e64321e
a399cd2bf738ba63d80e58ad5febc7ae10699167bf01e364d67a30bc2317863e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56f39b41550e992e42c04e87f83d631efec1f75820b532bb4aee5f2d809da58
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a770784b5d7eebff5e89fd63b2fc8847b5f74a14f1c4b6b5035f2b9eea5071e3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac8560e1b5c328ff6e9d8036cd0a5759fff30973466e7df3df136fbfb827a60
ab24a4b21696e4ff4dcf50140d706443390d9a713c01b3e62ee22b116b416801
ac10096b5d531c7187fcdfbbc7bcf1bf20018aefb49c9f2434421dde3e4efed3
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
ac40ad574c56feb2690978100c0092dbe1b604811c2a6ac597d848723e4613f2
ac6198e201a75af368e9365a077dfffbc90ea40cf1d17c680208a33b5019f4df
af9a16a2c4afa9b7a2da0e8ed0d70f2bdcdb5e65441298bbf38ec0f7b7ba778c
b06a6a544a5f4ad8f2b3c8a7fe675774ec447c90e6d4df2d40da1d4627494d2d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b169342ff1c94e445c7f75eeb7d41c71c3506f7efc077441e81a50dbfa8c3ef2
b18f611c59ad7eccf9931546caf92fbbb442176f8ec4ea5404060ab999a302b6
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b96b92f6bdbe9e386407a0f6fd461a40593a4c9d786b2a7fcec8f69049c508ee
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bb142e6b6863b30b8ab058283972e7aa12ca0bcd5acf9207a6a655108ac47705
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bf2d1c757c6a13c22dbde9cc275e54652095271e65b32e3dcbd799aaf7a3ef7c
bfe67e924ac653a908db8fbf0a22d657ea0b46a6aad9ad00cc1b6e1d7bada88d
c09d804ad3bafd61edf222e6b486be725e22bfcdf8d26b37b5ee105fa105a36a
c0aa6426aa0bd2b6dc1486fa60cf2053db30c16df81e9be1c622d30341107c5d
c15a4d046e7ba321ea0382df516e0416522465d57d9867703b2169cf6c23b76b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c228a558e5082d2608eccd4c6eb7d468acd2c7450fdb78ab85fdbd89fc6f487b
c2bf74f280fd6c91ed19c2b48f6e666805d8e70e6f4233dbc708095a7c59bfdf
c33e4a1aba58eff1eb154fbd4a9df70f911048d010d4da4bcc6e906998150c50
c6ee139d600a9345bfac69b4ef79df6dd5bb6034cf9d1f2877ec7fe0285be653
c7516b342b45b8e59b5bc1b98d39bad3526810d08471991a699b17d80949c92c
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c87dbec1c1b59d434478c670d5edd07b19765957174ab806f2fb3820ec4dd255
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbc620743fe2c95c204299c4e6969cde5385189907a84a2cc68ae55cafc96535
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15a8a6c43c9e3dbb8ba5f023fd8c42b3cc7fec078e48f80b7f1c1dc4d78bb9d
d1fc237758bf51bada48c26009e4f5fc850343402e4c6439fbb7fcaf8aa2c554
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30bac5de5f75d80fd36bc2dd14b3f50b34b2085d35b3d442eff954eab0f314d
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
dab8fae8460a5a494a7bb2f86a600bbd94b786ec4ac44e1bf120ab6397b9aeb7
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
dc917a0069a88df442ec168a8ffdf5d9789c4f25e94184458c07e281413a0d6c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0e6397ead8f6f8b6eeafd05f38909bb27b1f3a5c7b902bc902ee704852a9dd
dd46d22585f855078e8acf526d12c34675612f23e96a9e9cd29cbd8e3d1dcdb7
de2f3e6ee515db3fe55eb05e4d6e16bb097f3a8a41b935bb7a6afd06aba12097
dea892113a25165b37b3a949627b054d98a7f66561d914ed5725b1df4d295dec
df0f832eb27121629b0c88e95708f05cf97a2969f61599ea1d23ce0e5ad1cbdf
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e28f4976a45252fa6823a5cf13ce0fdd09c21a4c68ea81c46539df378130538f
e2c8bb571e15fab5a171fb8d59bf83fa4aab2cc8d749d6c37915433e8b038460
e3ab614ac79a31a4dfed818f08134ddf689b1307dda70186c3f584590f4067dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c793044d2e2408438543934234529ff0791d94d4f7455d55f454ff6375f767
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e92c1104a63b7db39c05fa0b9ef5b25174bcfe158c581c28f972e20ed0f35a43
e94b912fd235e1edb8f35f52364fe572b4e4f00c07830867b29eaadcdf578b5b
eb1b9efd61775200d31b799c294be2caa2ff34a66687455f627db4b3d56df8ee
ee76f5fa4dfd53fd407662c7f6e9788498acaacc43ab50fd315392154102e310
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ed26fba3ab58bb98a74fa5a017d154398e66914ae1825d802783901e6d6e3
ef8b603bbdee587bef7e1db6f4b8f807b1623bbbac47a8adf73b3b31e3b2124c
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f22139ea65738716f98c13ef4033aae2e9a922b942a26fca746648c18e0901cd
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f322b51bcc64a9861ae5b2803f18664b14a04b65085abcd6b3cdd15f65d78f0a
f37b608dcd1ec1d867ba7926966ccde18a77113712c1544b4fb713a8bfc7f23a
f3c746da6c5c19261ade6c1c5633bcf228b951b2d025ff0d792f0ac070322564
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f64265e08ef4167fe4e04b8cbd72d93539c2c024eb5a5d9db8c2149112610325
f693ec2e56f32e7ac9af10b4ae6452a72110e8ec7e978790ac972b7cca86ab17
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb2c8b3c90bf696532f0f4340068b0182bb4ef93e00647b40c49097d27835c16
fb84ccee7e98b50c4725b5cf6b7df76b5382ef6af815ec403d9c95365c1d1e41
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fcc58fad3b8c00f036b043463f765940b3bd0a443cfc7394800af9de810f907c
ffb971235f9578aeafc17b2b6994cdf446a448d50123cd879777e013ae8858a1
ffe839fa9ddba3384c1ea233c110f316e8782763cbed787735cc6f747fbbae30