www.esm3ha.net Open in urlscan Pro
2606:4700:3031::681b:9749 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.esm3ha.net/
Effective URL:
https://www.esm3ha.net/
Submission: On June 05 via api (June 5th 2020, 11:30:48 pm UTC) from US

Summary HTTP 39 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 22 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3031::681b:9749, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.esm3ha.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 18th 2020. Valid for: 9 months.

This is the only time www.esm3ha.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3031::681b:9749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6812:25c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:c30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1 13	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
2 2	18.156.143.117 18.156.143.117	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 2	52.16.238.200 52.16.238.200	16509 (AMAZON-02) (AMAZON-02)
1 1	35.164.144.160 35.164.144.160	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.58.36.240 52.58.36.240	16509 (AMAZON-02) (AMAZON-02)
2 2	136.243.75.8 136.243.75.8	24940 (HETZNER-AS) (HETZNER-AS)
39	14

7 2606:4700:3031::681b:9749 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.esm3ha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:25c4 (United States)

ASN13335 (CLOUDFLARENET, US)

htintpa.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c30d (United States)

ASN13335 (CLOUDFLARENET, US)

projectagoralibs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.113.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.zorosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.143.117 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-143-117.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.136.100 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.234 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

am-sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.238.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.144.160 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-144-160.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.36.240 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-36-240.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.75.8 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	taboola.com 3 redirects cdn.taboola.com trc.taboola.com match.taboola.com am-sync.taboola.com cds.taboola.com images.taboola.com	215 KB
7	esm3ha.net 1 redirects www.esm3ha.net	107 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	adhigh.net 2 redirects px.adhigh.net	943 B
2	adsrvr.org 2 redirects match.adsrvr.org	916 B
2	doubleclick.net 1 redirects cm.g.doubleclick.net	1 KB
2	adnxs.com ib.adnxs.com	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	725 B
2	powerlinks.com 2 redirects px.powerlinks.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	429 B
1	contextweb.com 1 redirects bh.contextweb.com	487 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	zorosrv.com match.zorosrv.com	387 B
1	projectagoralibs.com projectagoralibs.com	100 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	htintpa.tech htintpa.tech	1 KB
39	22

	Domain	Requested by
8	trc.taboola.com	1 redirects cdn.taboola.com
7	www.esm3ha.net	1 redirects www.esm3ha.net
5	am-sync.taboola.com	1 redirects
4	images.taboola.com
4	cdn.taboola.com	projectagoralibs.com cdn.taboola.com
3	x.bidswitch.net	3 redirects
3	sync.mathtag.com	3 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.esm3ha.net
2	px.adhigh.net	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	ib.adnxs.com
2	b1sync.zemanta.com	2 redirects
2	px.powerlinks.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.esm3ha.net
1	cds.taboola.com
1	bttrack.com
1	www.storygize.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	bh.contextweb.com	1 redirects
1	pixel.rubiconproject.com
1	match.zorosrv.com
1	match.taboola.com	1 redirects
1	projectagoralibs.com	htintpa.tech
1	www.googletagmanager.com	www.esm3ha.net
1	htintpa.tech	www.esm3ha.net
39	28

This site contains links to these domains. Also see Links.

Domain
popup.projectagora.com
www.labtrk.com
www.pricerunner.se

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-18` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
*.zorosrv.com DigiCert SHA2 Secure Server CA	`2020-06-03` - `2021-05-19`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.esm3ha.net/
Frame ID: 9793399B02028FFDA7633C74C0178E68
Requests: 24 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&extuid=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&excid=218&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7
Frame ID: 77D45531DCC8CE04CB88C58A93DEA45C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.esm3ha.net/ HTTP 301
https://www.esm3ha.net/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

39
Requests

100 %
HTTPS

21 %
IPv6

22
Domains

28
Subdomains

14
IPs

6
Countries

477 kB
Transfer

1891 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://popup.projectagora.com/?template=colorbox&utm_source=esm3hamena-f19140792&utm_medium=referral&utm_content=sc-esm3ha:Sponsored%20Below%20Article:
Title: by Project Agora

Search URL Search Domain Scan URL

URL: https://www.labtrk.com/49965e34-b7d5-4ac7-b5ea-0ecc0fdbb07b?CampaignID=2583941&Site=esm3hamena-f19140792&Thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb32ab1091088acb202ed9320614ee8db.png&Title=Lider+du+av+artrit+sm%C3%A4rta%3F+Ta+detta+en+g%C3%A5ng+om+dagen&Site_id=1296121&ad=25&utm_source=taboola&utm_medium=se_p_desk&site_id=1296121#tblciGiC6e9lZrelf3u2Hesznce6h4CXA-UY9iGhVS18SCFmmNiCV_0g
Title: Jupiter Laboratories

Search URL Search Domain Scan URL

URL: https://www.pricerunner.se/bo/cicamed-effektiv-hudvard-med-naturligt-veganskt-och-ekologiskt-fokus?ref-site=sponsored&ref-ad=taboola&utm_medium=banner&utm_campaign=sponsored&utm_source=taboola&tblci=GiC6e9lZrelf3u2Hesznce6h4CXA-UY9iGhVS18SCFmmNiDA30c#tblciGiC6e9lZrelf3u2Hesznce6h4CXA-UY9iGhVS18SCFmmNiDA30c
Title: PriceRunner

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.esm3ha.net/ HTTP 301
https://www.esm3ha.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%D9%8B&c7=https%3A%2F%2Fwww.esm3ha.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%D9%8B&c7=https%3A%2F%2Fwww.esm3ha.net%2F&c9=&cs_ak_ss=1

Request Chain 16

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&tbid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&extuid=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&excid=218&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7

Request Chain 18

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D&orig=trc HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Fam-sync.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253DMJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%2525253D HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=ee5a5eda-d583-4400-8deb-d1ddfe0d8708&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DMJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%253D HTTP 302
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=MJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%3D

Request Chain 19

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc&mm_bnc&mm_bct&UUID=ee5a5eda-d583-4400-8deb-d1ddfe0d8708 HTTP 302
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=ee5a5eda-d583-4400-8deb-d1ddfe0d8708

Request Chain 20

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qlwz4VRaO4Xv&ev=1&orig=trc&pid=562107

Request Chain 21

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6BNtDqsg1P0E2EN6KkzO&pi=taboola&tc=1

Request Chain 22

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc HTTP 302
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2 HTTP 302
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=yII6pXQZy-RzSg0HKhu5

Request Chain 24

https://am-sync.taboola.com/sg/google-network/1/rtb?orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&google_tc=

Request Chain 26

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d1fddddb-efb9-4885-94c0-5c84f95a3ac3

Request Chain 27

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 30

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=uxUzgIbB7q1A.AikABlFyhtIL3Q&expires=30&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=f0748096-7a9d-4c7e-b853-5bc30e4fbec3

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.esm3ha.net/
Redirect Chain

http://www.esm3ha.net/
https://www.esm3ha.net/

4 KB
2 KB

126ms
102ms

Document
text/html

2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c182a3613767b1cc15440445243b082f8d47173d64eb730e1d3e058fafeaca80

Request headers

:method: GET
:authority: www.esm3ha.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d5d8a060ed209c8b1c02988893de529371591399809
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 05 Jun 2020 23:30:10 GMT
content-type: text/html; charset=UTF-8
pragma: no-cache
set-cookie: PHPSESSID=46dd52d77b1efe572a5813f714f7cf2f; path=/
x-page-speed: 1.12.34.3-0
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-request-id: 03286b1bbd00006467c2bab200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59edae0c6fea6467-FRA
content-encoding: br

Redirect headers

Date: Fri, 05 Jun 2020 23:30:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d5d8a060ed209c8b1c02988893de529371591399809; expires=Sun, 05-Jul-20 23:30:09 GMT; path=/; domain=.esm3ha.net; HttpOnly; SameSite=Lax
Location: https://www.esm3ha.net/
CF-Cache-Status: DYNAMIC
cf-request-id: 03286b1b880000d6f14a38b200000001
Server: cloudflare
CF-RAY: 59edae0c0b29d6f1-FRA

GET
H2 200 vendos.css
www.esm3ha.net/css/ 100 KB
16 KB 15ms
13ms Stylesheet
text/css 2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esm3ha.net/css/vendos.css
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db0f6372a7c251f339a8bc85b8c8bb75ea8f6dc4f6ad361bbc82a8cc243f9ce

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 102805
age: 1299979
status: 200
cf-request-id: 03286b1c2d00006467c2bb4200000001
pragma: public
server: cloudflare
etag: W/"5d83ed79-19195"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 59edae0d183a6467-FRA
expires: Sat, 20 Jun 2020 21:40:44 GMT

GET
H2 200 bootstrap-robust.css
www.esm3ha.net/css/ 28 KB
5 KB 13ms
12ms Stylesheet
text/css 2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esm3ha.net/css/bootstrap-robust.css
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a5987378f669cb83bf3616341f705d1ee233c62240757159db94b7fe44b8f5

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 28912
age: 1667217
status: 200
cf-request-id: 03286b1c2d00006467c2bb5200000001
pragma: public
server: cloudflare
etag: W/"5d811969-70f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 59edae0d183b6467-FRA
expires: Tue, 16 Jun 2020 09:09:00 GMT

GET
H2 200 compts.css
www.esm3ha.net/css/ 644 KB
58 KB 14ms
12ms Stylesheet
text/css 2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esm3ha.net/css/compts.css
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471657052409241865d52bb9bf6b0d0ad51f525b55084b10ad7c1bd06c24fce9

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 659271
age: 2563897
status: 200
cf-request-id: 03286b1c2d00006467c2bb6200000001
pragma: public
server: cloudflare
etag: W/"5d8a9191-a0f47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 59edae0d183c6467-FRA
expires: Wed, 03 Jun 2020 03:42:23 GMT

GET
H2 200 styl.css
www.esm3ha.net/css/ 10 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esm3ha.net/css/styl.css?5
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5a12daec9d65ad4b7ec02229c67c875e9ce2e2fcf613b63c56dd7db0dd353b

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 10162
age: 2565962
status: 200
cf-request-id: 03286b1c2d00006467c2bb7200000001
pragma: public
server: cloudflare
etag: W/"5d83ee35-27b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 59edae0d183d6467-FRA
expires: Fri, 05 Jun 2020 23:34:43 GMT

GET
H2 200 esm3ha.net.js Show response
htintpa.tech/c/ 1 KB
1 KB 33ms
12ms Script
application/javascript 2606:4700:3037::6812:25c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htintpa.tech/c/esm3ha.net.js
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:25c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b7fd93a9dad0eafedf50a531de28ab0922816eee1939984a527b054e1c7657

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1192
cf-ray: 59edae0d3c621752-FRA
status: 200
content-length: 516
x-amz-id-2: mJenz3a4t15MPAMCrf5GUqvFZLfDqRLLhCX9BTpv+GIJq6Vlr9TeDMDdReSPa6TUbD4QkwIBqsE=
last-modified: Thu, 07 May 2020 10:11:00 GMT
server: cloudflare
etag: "de64dfb767cce98da5869000cad5d8eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4F68EA9A97AA493B
cache-control: max-age=14400
cf-request-id: 03286b1c41000017525dbf3200000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 tp.png
www.esm3ha.net/ 22 KB
22 KB 14ms
13ms Image
image/png 2606:4700:3031::681b:9749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esm3ha.net/tp.png
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:9749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c3d18fd52cc56fcc09cb1528d7371446f122fd413df8b534c3b9eecf303383

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
cf-cache-status: HIT
age: 2529960
status: 200
content-length: 22770
cf-request-id: 03286b1c2e00006467c2bb8200000001
pragma: public
server: cloudflare
etag: "5d8a9191-58f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 59edae0d183e6467-FRA
expires: Sat, 06 Jun 2020 13:35:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134594697-1

Requested by

Host: www.esm3ha.net
URL: https://www.esm3ha.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56d5d099d0ea474bce5cb0942ebe67e90055884c6acc0f857e98a12b46855e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33177
x-xss-protection: 0
last-modified: Fri, 05 Jun 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jun 2020 23:30:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134594697-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2031
date: Fri, 05 Jun 2020 22:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sat, 06 Jun 2020 00:56:19 GMT

GET
H2 200 projectagora.min.js Show response
projectagoralibs.com/libs/ 355 KB
100 KB 38ms
12ms Script
application/javascript 2606:4700:3036::ac43:c30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/projectagora.min.js
Requested by: Host: htintpa.tech
URL: https://htintpa.tech/c/esm3ha.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe83f12f398e635fd5471dbc35cbcba694b03728b29e1ad69915b63c7b26a27

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 298
cf-ray: 59edae0dfa17d6bd-FRA
status: 200
content-length: 102213
x-amz-id-2: nMWQKHVKRupSoUtSEvPUm5ScmdjhhLpmegBbG67owyxD6vwXZ48bDpmG1YC8mkP+IKaqyuZzqGs=
last-modified: Thu, 04 Jun 2020 13:24:54 GMT
server: cloudflare
etag: "0f0b4fa4dcc8af2ee2ac6500120fa4cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AD1A0DC91B521BFE
cache-control: max-age=14400
cf-request-id: 03286b1cb80000d6bd62015200000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=34440665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.esm3ha.net%2F&ul=en-us&de=UTF-8&dt=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%D9%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1122760716&gjid=1043068669&cid=637758587.1591399810&tid=UA-134594697-1&_gid=1214468117.1591399810&_r=1&gtm=2ou5r0&z=1931120691

Requested by

Host: www.esm3ha.net
URL: https://www.esm3ha.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 23:30:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/esm3hamena-f19140792/ 70 KB
19 KB 168ms
55ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/esm3hamena-f19140792/loader.js
Requested by: Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a14c73be7500792137b6f706d58a59c17f0206df7e81b7d67f0b2be86a25e3d0

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tqS7Ck3TsuZPf_6Wf3e4AI7yU0kGDroj
content-encoding: gzip
etag: "f168e8b629d847cae0a4b06aa4f6e41d"
age: 74
x-cache: HIT
status: 200
content-length: 18867
x-amz-id-2: 43CRNbguO+aGIARTwEgKd8cLp5ZPc8nMMbj2b5cwc/b14PZQveAFu4Di7H8Sp1UMV59LQuIcR88=
x-served-by: cache-fra19139-FRA
last-modified: Wed, 03 Jun 2020 14:07:33 GMT
server: AmazonS3
x-timer: S1591399810.433972,VS0,VE0
date: Fri, 05 Jun 2020 23:30:10 GMT
vary: Accept-Encoding
x-amz-request-id: FD958ABF32E78954
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 78
x-cache-hits: 2

GET
H2 200 impl.20200603-20-RELEASE.js Show response
cdn.taboola.com/libtrc/ 446 KB
126 KB 55ms
55ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200603-20-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esm3hamena-f19140792/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f7d7b07dbdc57295d8ae714dc7a7809a6cc24ced9410477d3cdc934712cfd63

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OjYUiJfExPzctXbFCzFG_vz5mtys_OYc
content-encoding: gzip
etag: "50f0d94179597edf2bb7d4ee66c7b20c"
age: 59
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 128937
x-amz-id-2: wsNhuVNXdNJf9lQlTkCRVcdrhKBzLuPAC/durK3rAFHZJez2L+TT7qxIG41iGLR6SZN0r0sCSxc=
x-served-by: cache-fra19139-FRA
last-modified: Wed, 03 Jun 2020 13:51:19 GMT
server: AmazonS3
x-timer: S1591399811.522206,VS0,VE0
date: Fri, 05 Jun 2020 23:30:10 GMT
vary: Accept-Encoding
x-amz-request-id: 34936D3DA4C14757
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 129

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 155ms
51ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esm3hamena-f19140792/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 23:30:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 06 Jun 2020 23:30:10 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84...

0
528 B

52ms
51ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%D9%8B&c7=https%3A%2F%2Fwww.esm3ha.net%2F&c9=&cs_ak_ss=1
Requested by: Host: www.esm3ha.net
URL: https://www.esm3ha.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1591399810650&ns_c=UTF-8&cv=3.5&c8=%D8%A5%D8%B3%D9%85%D8%B9%D9%87%D8%A7%20-%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%D9%8B&c7=https%3A%2F%2Fwww.esm3ha.net%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/esm3hamena-f19140792/trc/3/ 5 KB
3 KB 235ms
127ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esm3hamena-f19140792/trc/3/json?tim=01%3A30%3A11.151&lti=deflated&data=%7B%22id%22%3A265%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1591399811148%2C%22cv%22%3A%2220200603-20-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.esm3ha.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22sc-esm3ha%3Aabp%3D0%22%2C%22uip%22%3A%22Sponsored%20Below%20Article%22%2C%22orig_uip%22%3A%22Sponsored%20Below%20Article%22%2C%22cd%22%3A368.65625%2C%22mw%22%3A500%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200603-20-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a61afbce7bdfc4330b7252ad26e2ed0ced369bbe3ed8f92d3081eb954359a33

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 75
date: Fri, 05 Jun 2020 23:30:11 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4027-HHN
server: nginx
x-timer: S1591399811.291013,VS0,VE75
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 userx.20200603-20-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 55ms
55ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200603-20-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esm3hamena-f19140792/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b455f9e7ffabf48f8fe141b26465f97a5cd6b18483c5a8b8119dcbe3475999c

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6OeLYg1ln47Y2CGzbOlAYhyYv71p2P5S
content-encoding: gzip
etag: "2ae97bb74f26a177c74d2fe435a928cc"
age: 108
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7712
x-amz-id-2: lIDRRgrQskXS7KudoBQElMHIy6+1TiZ9BqToeGjMfAMBN8ixwNRjRyuA6NSmS05/h7ryRiQeMyo=
x-served-by: cache-fra19139-FRA
last-modified: Wed, 03 Jun 2020 13:51:26 GMT
server: AmazonS3
x-timer: S1591399811.443112,VS0,VE0
date: Fri, 05 Jun 2020 23:30:11 GMT
vary: Accept-Encoding
x-amz-request-id: F6AB8FD094F28C60
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 52

GET
H2

200

match
match.zorosrv.com/ Frame 77D4
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&tbid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&query=taboola_hm%3D4623291e-4dec-...
https://match.zorosrv.com/match?tabid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&extuid=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&excid=218&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7

0
387 B

175ms
63ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&extuid=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&excid=218&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.961001,VS0,VE8
x-served-by: cache-hhn4061-HHN
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-cache-hits: 0

Redirect headers

date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.785080,VS0,VE9
x-served-by: cache-fra19139-FRA
status: 302
x-cache: MISS
location: https://match.zorosrv.com/match?tabid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&extuid=4623291e-4dec-40d6-beaf-9c5bf8b2c5c7&excid=218&query=taboola_hm%3D4623291e-4dec-40d6-beaf-9c5bf8b2c5c7
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 77D4 0
239 B 213ms
51ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

/
am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=ee5a5eda-d583-4400-8deb-d1ddfe0d8708&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp...
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=MJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%3D

45 B
272 B

51ms
51ms

Image
image/gif

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=MJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.0.111:10213
date: Fri, 05 Jun 2020 23:30:11 GMT
server: nginx
x-fastly-to-nlb-rtt: 26850

Redirect headers

Location: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=MJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI%3D
Date: Fri, 05 Jun 2020 23:30:11 GMT
Server: nginx
Connection: close
Etag: "MJWBRYI6kcyC6l5cdI2E1CscxR013gPgwq9BtG11tVI="
Content-Length: 0

GET
H2

200

/
am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc&mm_bnc&mm_bct&UUID=ee5a5eda-d583-4400-8deb-d1ddfe0d8708
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=ee5a5eda-d583-4400-8deb-d1ddfe0d8708

0
227 B

51ms
50ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=ee5a5eda-d583-4400-8deb-d1ddfe0d8708
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.0.117:10213
date: Fri, 05 Jun 2020 23:30:11 GMT
server: nginx
x-fastly-to-nlb-rtt: 22354

Redirect headers

Date: Fri, 05 Jun 2020 23:30:02 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=ee5a5eda-d583-4400-8deb-d1ddfe0d8708
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Jun 2020 23:30:01 GMT

GET
H2

204

/
am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qlwz4VRaO4Xv&ev=1&orig=trc&pid=562107

0
218 B

51ms
50ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qlwz4VRaO4Xv&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.30.10:10213
date: Fri, 05 Jun 2020 23:30:11 GMT
server: nginx
x-fastly-to-nlb-rtt: 27485

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qlwz4VRaO4Xv&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6bbc94ffcd-fckqk
expires: -1

GET
H2

200

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6BNtDqsg1P0E2EN6KkzO&pi=taboola&tc=1

0
58 B

62ms
61ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6BNtDqsg1P0E2EN6KkzO&pi=taboola&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.665916,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

Redirect headers

status: 302
pragma: no-cache
date: Fri, 05 Jun 2020 23:30:11 GMT, Fri, 05 Jun 2020 23:30:11 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6BNtDqsg1P0E2EN6KkzO&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

/
am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=yII6pXQZy-RzSg0HKhu5

0
218 B

51ms
51ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=yII6pXQZy-RzSg0HKhu5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.24.10:10213
date: Fri, 05 Jun 2020 23:30:12 GMT
server: nginx
x-fastly-to-nlb-rtt: 26289

Redirect headers

Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:12 GMT
P3p: CP="We do not support P3P header."
Location: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=yII6pXQZy-RzSg0HKhu5
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 113
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 77D4 43 B
692 B 169ms
46ms Image
image/gif 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:13 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: 38ac3a9d-5dba-4bf7-9450-bdf0910b1969
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 77D4
Redirect Chain

https://am-sync.taboola.com/sg/google-network/1/rtb?orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&google_tc=

170 B
242 B

73ms
72ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&google_tc=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 23:30:11 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jun 2020 23:30:11 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&google_hm=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&google_tc=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 77D4 43 B
692 B 172ms
50ms Image
image/gif 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:13 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.10:80
AN-X-Request-Uuid: 800757cf-d174-41d4-92b8-830ce792d06c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d1fddddb-efb9-4885-94c0-5c84f95a3ac3

0
210 B

62ms
61ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d1fddddb-efb9-4885-94c0-5c84f95a3ac3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.940936,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

Redirect headers

pragma: no-cache
date: Fri, 05 Jun 2020 23:30:11 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d1fddddb-efb9-4885-94c0-5c84f95a3ac3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 77D4
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
55 B

61ms
60ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 05 Jun 2020 23:30:12 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.413816,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 77D4 35 B
380 B 561ms
142ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 05 Jun 2020 23:30:11 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 77D4 0
157 B 412ms
138ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=bc6a45eb-d7d1-44e8-8b70-fb0deee9e748-tuct5d45b03&_r=5798482
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 23:30:12 GMT
cache-control: no-store
x-envoy-upstream-service-time: 1
Server: nginx
Connection: close

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 77D4
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=uxUzgIbB7q1A.AikABlFyhtIL3Q&expires=30&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=f0748096-7a9d-4c7e-b853-5bc30e4fbec3

0
204 B

63ms
60ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=f0748096-7a9d-4c7e-b853-5bc30e4fbec3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 05 Jun 2020 23:30:12 GMT
via: 1.1 varnish
server: nginx
x-timer: S1591399812.251565,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

Redirect headers

status: 302
date: Fri, 05 Jun 2020 23:30:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=f0748096-7a9d-4c7e-b853-5bc30e4fbec3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 b32ab1091088acb202ed9320614ee8db.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 55ms
53ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b32ab1091088acb202ed9320614ee8db.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9218f88aabb2049ff9ecc32f8568638e6a73afa0cde0dd31e046d46e4b1fe38f

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1373851
edge-cache-tag: 499182687069012122533716384195921227554,530739727945569962012488818789400895887,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 02 Jun 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b32ab1091088acb202ed9320614ee8db.png
content-length: 7977
x-served-by: cache-dca17745-DCA, cache-dca17720-DCA, cache-hhn4027-HHN
last-modified: Sat, 02 May 2020 08:40:13 GMT
server: cloudinary
x-timer: S1591399812.877698,VS0,VE1
etag: "8f3d2b80f70068e636fab338647733bc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 cicamed1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/site-gui/list/Health-and-Beauty/ 19 KB
20 KB 55ms
54ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/site-gui/list/Health-and-Beauty/cicamed1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 03b2c93fe2be9c47237eefe641d2fa1b97a2e786c0612f3f1cf3b9a760528006

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 238722
edge-cache-tag: 552288713240443837375504363681246595175,530739727945569962012488818789400895887,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 28 Jun 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/site-gui/list/Health-and-Beauty/cicamed1.jpg
content-length: 19811
x-served-by: cache-dca17776-DCA, cache-dca17781-DCA, cache-hhn4027-HHN
last-modified: Thu, 28 May 2020 07:18:49 GMT
server: cloudinary
x-timer: S1591399812.897141,VS0,VE1
etag: "fe5aa4c8304bf97fca9d22a3839c38f5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
661 B 56ms
53ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 12937
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19139-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1591399812.554205,VS0,VE0
date: Fri, 05 Jun 2020 23:30:11 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 66
x-cache-hits: 8786

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b32ab1091088acb202ed9320614ee8db.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9218f88aabb2049ff9ecc32f8568638e6a73afa0cde0dd31e046d46e4b1fe38f

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1373851
edge-cache-tag: 499182687069012122533716384195921227554,530739727945569962012488818789400895887,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 02 Jun 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b32ab1091088acb202ed9320614ee8db.png
content-length: 7977
x-served-by: cache-dca17745-DCA, cache-dca17720-DCA, cache-hhn4027-HHN
last-modified: Sat, 02 May 2020 08:40:13 GMT
server: cloudinary
x-timer: S1591399812.936295,VS0,VE0
etag: "8f3d2b80f70068e636fab338647733bc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/site-gui/list/Health-and-Beauty/cicamed1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 03b2c93fe2be9c47237eefe641d2fa1b97a2e786c0612f3f1cf3b9a760528006

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 05 Jun 2020 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 238722
edge-cache-tag: 552288713240443837375504363681246595175,530739727945569962012488818789400895887,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 28 Jun 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_177%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/site-gui/list/Health-and-Beauty/cicamed1.jpg
content-length: 19811
x-served-by: cache-dca17776-DCA, cache-dca17781-DCA, cache-hhn4027-HHN
last-modified: Thu, 28 May 2020 07:18:49 GMT
server: cloudinary
x-timer: S1591399812.982437,VS0,VE0
etag: "fe5aa4c8304bf97fca9d22a3839c38f5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

POST
H2 204 bulk Show response
trc.taboola.com/esm3hamena-f19140792/log/3/ 0
249 B 62ms
61ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esm3hamena-f19140792/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200603-20-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
date: Fri, 05 Jun 2020 23:30:12 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1591399813.536112,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://www.esm3ha.net
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/esm3hamena-f19140792/log/3/ 0
56 B 62ms
62ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esm3hamena-f19140792/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200603-20-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esm3ha.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Fri, 05 Jun 2020 23:30:12 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1591399813.539044,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.esm3ha.net
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.esm3ha.net/	1970-01-19 10:03:19	Name: _gat_gtag_UA_134594697_1 Value: 1
.esm3ha.net/	1970-01-19 10:04:46	Name: _gid Value: GA1.2.1214468117.1591399810
.esm3ha.net/	1970-01-20 03:34:31	Name: _ga Value: GA1.2.637758587.1591399810
www.esm3ha.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 46dd52d77b1efe572a5813f714f7cf2f
.esm3ha.net/	1970-01-19 10:46:31	Name: __cfduid Value: d5d8a060ed209c8b1c02988893de529371591399809

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am-sync.taboola.com
ams.creativecdn.com
b1sync.zemanta.com
bh.contextweb.com
bttrack.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
creativecdn.com
htintpa.tech
ib.adnxs.com
images.taboola.com
match.adsrvr.org
match.taboola.com
match.zorosrv.com
pixel.rubiconproject.com
projectagoralibs.com
px.adhigh.net
px.powerlinks.com
rtb.mfadsrvr.com
sb.scorecardresearch.com
sync.mathtag.com
trc.taboola.com
www.esm3ha.net
www.google-analytics.com
www.googletagmanager.com
www.storygize.net
x.bidswitch.net
104.111.238.139
136.243.75.8
141.226.224.32
141.226.228.48
151.101.113.44
151.101.13.44
172.217.16.194
18.156.143.117
185.184.8.30
185.29.135.234
185.33.221.13
192.132.33.46
198.148.27.139
2606:4700:3031::681b:9749
2606:4700:3036::ac43:c30d
2606:4700:3037::6812:25c4
2a00:1450:4001:802::2008
2a00:1450:4001:81d::200e
35.164.144.160
40.113.136.100
52.16.238.200
52.58.36.240
64.202.112.95
69.173.144.139
03b2c93fe2be9c47237eefe641d2fa1b97a2e786c0612f3f1cf3b9a760528006
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
2a61afbce7bdfc4330b7252ad26e2ed0ced369bbe3ed8f92d3081eb954359a33
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
34a5987378f669cb83bf3616341f705d1ee233c62240757159db94b7fe44b8f5
471657052409241865d52bb9bf6b0d0ad51f525b55084b10ad7c1bd06c24fce9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
56d5d099d0ea474bce5cb0942ebe67e90055884c6acc0f857e98a12b46855e89
5d5a12daec9d65ad4b7ec02229c67c875e9ce2e2fcf613b63c56dd7db0dd353b
5f7d7b07dbdc57295d8ae714dc7a7809a6cc24ced9410477d3cdc934712cfd63
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fe83f12f398e635fd5471dbc35cbcba694b03728b29e1ad69915b63c7b26a27
9218f88aabb2049ff9ecc32f8568638e6a73afa0cde0dd31e046d46e4b1fe38f
99b7fd93a9dad0eafedf50a531de28ab0922816eee1939984a527b054e1c7657
9b455f9e7ffabf48f8fe141b26465f97a5cd6b18483c5a8b8119dcbe3475999c
9db0f6372a7c251f339a8bc85b8c8bb75ea8f6dc4f6ad361bbc82a8cc243f9ce
a14c73be7500792137b6f706d58a59c17f0206df7e81b7d67f0b2be86a25e3d0
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
c182a3613767b1cc15440445243b082f8d47173d64eb730e1d3e058fafeaca80
c2c3d18fd52cc56fcc09cb1528d7371446f122fd413df8b534c3b9eecf303383
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

www.esm3ha.net Open in urlscan Pro 2606:4700:3031::681b:9749 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

21 %IPv6

22 Domains

28 Subdomains

14 IPs

6 Countries

477 kBTransfer

1891 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.esm3ha.net Open in urlscan Pro
2606:4700:3031::681b:9749 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

21 %
IPv6

22
Domains

28
Subdomains

14
IPs

6
Countries

477 kB
Transfer

1891 kB
Size

5
Cookies

39 HTTP transactions
0 data transactions