weakstreams.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://weakspell.com/
Effective URL:
http://weakstreams.com/
Submission Tags: falconsandbox
Submission: On April 13 via api (April 13th 2022, 8:09:46 pm UTC) from US — Scanned from DE

Summary HTTP 146 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 36 domains to perform 146 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is weakstreams.com. The Cisco Umbrella rank of the primary domain is 221031.

This is the only time weakstreams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.64.119.51 192.64.119.51	22612 (NAMECHEAP...) (NAMECHEAP-NET)
32	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:10:... 2606:4700:10::6816:3ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a465	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:224... 2600:9000:2240:8600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:10:... 2606:4700:10::6816:3bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a01:28:cb6:3... 2a01:28:cb6:3::11	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
1	3.121.92.52 3.121.92.52	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	() ()
8 44	51.75.86.98 51.75.86.98	() ()
1	37.252.172.250 37.252.172.250	() ()
4	2606:4700:10:... 2606:4700:10::ac43:2ac9	() ()
7	2606:4700:303... 2606:4700:3037::ac43:9e3b	() ()
3	185.184.8.90 185.184.8.90	() ()
4 4	216.200.232.249 216.200.232.249	() ()
4	69.173.144.138 69.173.144.138	() ()
8 8	37.157.2.237 37.157.2.237	() ()
8 8	37.252.173.215 37.252.173.215	() ()
4	69.173.144.139 69.173.144.139	() ()
4 8	52.59.66.68 52.59.66.68	() ()
12 16	142.250.185.130 142.250.185.130	() ()
4	185.86.137.122 185.86.137.122	() ()
4	35.244.174.68 35.244.174.68	() ()
4	209.54.176.128 209.54.176.128	() ()
8 8	3.126.56.137 3.126.56.137	() ()
8 8	15.197.193.217 15.197.193.217	() ()
12 12	3.120.1.163 3.120.1.163	() ()
2 2	193.0.160.129 193.0.160.129	() ()
2 2	3.126.46.237 3.126.46.237	() ()
1 1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	() ()
146	31

1 192.64.119.51 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

weakspell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

weakstreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a465 (United States)

ASN13335 (CLOUDFLARENET, US)

befirstcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:8600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bc7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:28:cb6:3::11 (Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)

r6---sn-n02xgoxufvg3-2gbs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 51.75.86.98 (None, ) 8 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (None, )

ASN- ()

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:2ac9 (None, )

ASN- ()

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::ac43:9e3b (None, )

ASN- ()

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (None, )

ASN- ()

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.200.232.249 (None, ) 4 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (None, )

ASN- ()

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.237 (None, ) 8 redirects

ASN- ()

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.173.215 (None, ) 8 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.59.66.68 (None, ) 4 redirects

ASN- ()

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.130 (None, ) 12 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.122 (None, )

ASN- ()

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (None, )

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.126.56.137 (None, ) 8 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (None, ) 8 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.120.1.163 (None, ) 12 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (None, ) 2 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.46.237 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	onetag-sys.com 8 redirects onetag-sys.com	20 KB
32	weakstreams.com weakstreams.com — Cisco Umbrella Rank: 221031	245 KB
18	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net	129 KB
12	bidswitch.net 12 redirects x.bidswitch.net	7 KB
10	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 18775 tag.vlitag.com — Cisco Umbrella Rank: 22509 assets.vlitag.com — Cisco Umbrella Rank: 22368 media.vlitag.com — Cisco Umbrella Rank: 29576	622 KB
8	adsrvr.org 8 redirects match.adsrvr.org	4 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com	2 KB
8	advertising.com 4 redirects pixel.advertising.com	2 KB
8	adnxs.com 8 redirects ib.adnxs.com	7 KB
8	adform.net 8 redirects dmp.adform.net	4 KB
8	rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	2 KB
7	vliplatform.com px.vliplatform.com	5 KB
4	amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	rlcdn.com id.rlcdn.com
4	smartadserver.com ssbsync-global.smartadserver.com	300 B
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	quantumdex.io useast.quantumdex.io	784 B
4	consensu.org test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5832 quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2167 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10095	163 KB
3	creativecdn.com prebid-eu.creativecdn.com	528 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	4dex.io script.4dex.io	24 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 670 r6---sn-n02xgoxufvg3-2gbs.googlevideo.com	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	befirstcdn.com befirstcdn.com — Cisco Umbrella Rank: 869934	87 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	127 KB
1	quantserve.com 1 redirects pixel.quantserve.com	510 B
1	adnxs-simple.com ib.adnxs-simple.com	837 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	28 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 32679	1004 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 942	12 KB
1	weakspell.com 1 redirects weakspell.com	240 B
0	pubmatic.com Failed image8.pubmatic.com Failed
146	36

	Domain	Requested by
44	onetag-sys.com	8 redirects assets.vlitag.com onetag-sys.com
32	weakstreams.com	weakstreams.com
16	cm.g.doubleclick.net	12 redirects onetag-sys.com
12	x.bidswitch.net	12 redirects
8	match.adsrvr.org	8 redirects
8	ups.analytics.yahoo.com	8 redirects
8	pixel.advertising.com	4 redirects onetag-sys.com
8	ib.adnxs.com	8 redirects
8	dmp.adform.net	8 redirects
7	px.vliplatform.com
5	assets.vlitag.com	tag.vlitag.com weakstreams.com
4	s.amazon-adsystem.com	onetag-sys.com
4	id.rlcdn.com	onetag-sys.com
4	ssbsync-global.smartadserver.com	onetag-sys.com
4	pixel.rubiconproject.com	onetag-sys.com
4	pixel-eu.rubiconproject.com	onetag-sys.com
4	sync.mathtag.com	4 redirects
4	useast.quantumdex.io	assets.vlitag.com
3	prebid-eu.creativecdn.com	assets.vlitag.com
2	a.sportradarserving.com	2 redirects
2	p.rfihub.com	2 redirects
2	script.4dex.io	assets.vlitag.com script.4dex.io
2	quantcast.mgr.consensu.org	assets.vlitag.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	tag.vlitag.com	services.vlitag.com tag.vlitag.com
2	befirstcdn.com	weakstreams.com befirstcdn.com
2	services.vlitag.com	weakstreams.com services.vlitag.com
1	pixel.quantserve.com	1 redirects
1	ib.adnxs-simple.com	assets.vlitag.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	r6---sn-n02xgoxufvg3-2gbs.googlevideo.com	weakstreams.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	cdn.jsdelivr.net	assets.vlitag.com
1	test.quantcast.mgr.consensu.org	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	youradexchange.com	befirstcdn.com
1	www.googletagmanager.com	weakstreams.com
1	fonts.googleapis.com	weakstreams.com
1	use.fontawesome.com	weakstreams.com
1	weakspell.com	1 redirects
0	image8.pubmatic.com Failed	onetag-sys.com
146	45

This site contains links to these domains. Also see Links.

Domain
soccerstreams.net
nflbite.com
nbabite.com
nhlbite.com
mlbshow.com
mmastreams.cc
boxingstreams.cc
formula1stream.cc
footybite.cc
rsoccerstreams.com
nflstreams.to
redditnflstreams.net
nbastreams.to
redditnbastreams.org
nhlstreams.to
redditnhlstreams.com
mlbstreams.to
redditmlbstreams.live
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
quantcast.mgr.consensu.org R3	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2022-02-25` - `2023-03-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://weakstreams.com/
Frame ID: C365B8495222A797C5FDDC90B508B858
Requests: 81 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1649839761&d=18035&z=76348&divID=vi_1803576348_1&w=970&h=250
Frame ID: 0ACF56BE7EC0DC9D6094FAD4C919155B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1
Frame ID: 8B47E47AEDAFDFD9286BE433B10B001C
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1
Frame ID: 2A1B8C9038A032E2DE72E55CFF69E83F
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1
Frame ID: 1676D65EDE0C59DAC7D7C2A9BFCEA3FE
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1
Frame ID: D2739EE9B1187DBC896333AFCCD0E84E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WeakStreams.com - NBA, MMA, UFC, Boxing, NFL Sports HD Streams - Weakstreams -

Page URL History Show full URLs

http://weakspell.com/ HTTP 301
http://weakstreams.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

34 %
HTTPS

48 %
IPv6

36
Domains

45
Subdomains

31
IPs

4
Countries

1586 kB
Transfer

4583 kB
Size

4
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://soccerstreams.net/
Title: Soccer Streams

Search URL Search Domain Scan URL

URL: https://nflbite.com/
Title: NFL Streams

Search URL Search Domain Scan URL

URL: https://nbabite.com/
Title: NBA Streams

Search URL Search Domain Scan URL

URL: https://nhlbite.com/
Title: NHL Streams

Search URL Search Domain Scan URL

URL: https://mlbshow.com/
Title: MLB Streams

Search URL Search Domain Scan URL

URL: https://mmastreams.cc/
Title: MMA Streams

Search URL Search Domain Scan URL

URL: http://boxingstreams.cc/
Title: Boxing Streams

Search URL Search Domain Scan URL

URL: https://formula1stream.cc/
Title: F1 Streams

Search URL Search Domain Scan URL

URL: https://footybite.cc/
Title: Footybite.cc

Search URL Search Domain Scan URL

URL: https://rsoccerstreams.com/
Title: Rsoccerstreams.com

Search URL Search Domain Scan URL

URL: https://nflstreams.to/
Title: NFLstreams.to

Search URL Search Domain Scan URL

URL: https://redditnflstreams.net/
Title: Redditnflstreams.net

Search URL Search Domain Scan URL

URL: https://nbastreams.to/
Title: NBAstreams.to

Search URL Search Domain Scan URL

URL: https://redditnbastreams.org/
Title: Redditnbastreams.org

Search URL Search Domain Scan URL

URL: https://nhlstreams.to/
Title: NBAstreams.to

Search URL Search Domain Scan URL

URL: https://redditnhlstreams.com/
Title: Redditnhlstreams.com

Search URL Search Domain Scan URL

URL: https://mlbstreams.to/
Title: MLBstreams.to

Search URL Search Domain Scan URL

URL: https://redditmlbstreams.live/
Title: Redditmlbstreams.live

Search URL Search Domain Scan URL

URL: http://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://weakspell.com/ HTTP 301
http://weakstreams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

http://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C29&mn=sn-a5meknsy%2Csn-a5mlrnel&ms=au%2Crdu&mv=u&mvi=1&pl=23&spc=4ocVCz_KdnLNoJBR-km8qCYbzZPk&vprv=1&mime=video%2Fmp4&ns=ISLmO8Vw-Bx0p4bqQviXHckG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1649867136&fvip=6&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=O-e7TcRBlZebpmDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbk_zlKq75mm1Zsje_3UCIFR8tAnyU-YrgIjU56w5yWYCIQDZh1iIc2VXp9Y31kczvqoiB6059t_O7mitgu0VXhJIlQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcebA43RpKh0ZLKsGF_KjGO7EQKADRePWz9T6Oso3vKsCIBnlbuosbMecBE6fTzfMtVpFVpHtP5qNV70EbNSXqmR3 HTTP 302
https://r6---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCz_KdnLNoJBR-km8qCYbzZPk&vprv=1&mime=video%2Fmp4&ns=ISLmO8Vw-Bx0p4bqQviXHckG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=O-e7TcRBlZebpmDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbk_zlKq75mm1Zsje_3UCIFR8tAnyU-YrgIjU56w5yWYCIQDZh1iIc2VXp9Y31kczvqoiB6059t_O7mitgu0VXhJIlQ%3D%3D&cms_redirect=yes&mh=3a&mip=2a02:6ea0:c71b:0:1012:2fb2:f3d9:be0&mm=31&mn=sn-n02xgoxufvg3-2gbs&ms=au&mt=1649880306&mv=m&mvi=6&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMN7Tqqc9n8oA3AhAFXlCwOUrXyrbO-1s2skAL3qhQBkCIQCRy4OevHUVOkhffeN2W4knoF-UQpNaYnfZ_LRmuFmuJw%3D%3D

Request Chain 86

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/f20c6257-2e0a-4700-bc9c-616238daa0cf

Request Chain 88

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://onetag-sys.com/sync/i,34/8477243782789184426

Request Chain 89

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

Request Chain 91

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 92

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ&google_tc=

Request Chain 95

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJcmFiOUq4RDuYXt16e1yLk&google_cver=1

Request Chain 98

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Request Chain 100

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920440752985&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Request Chain 101

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/99616257-2e0a-4c00-a5e6-fd143524af7d

Request Chain 103

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://onetag-sys.com/sync/i,34/3638762136252355038

Request Chain 104

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

Request Chain 106

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 107

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ&google_tc=

Request Chain 110

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfI_c0nVCAi22qZKMm2wGk&google_cver=1

Request Chain 113

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

Request Chain 114

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Request Chain 115

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559723017563303&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Request Chain 116

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/4e466257-2e0a-4800-bef5-e715640eefe1

Request Chain 118

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://onetag-sys.com/sync/i,34/2406683242989810191

Request Chain 119

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9006142924590647076

Request Chain 121

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 122

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w&google_tc=

Request Chain 125

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECX0dRpDlhzc2IqDvNlJXdE&google_cver=1

Request Chain 128

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Request Chain 130

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ade05092-5f17-4eb9-9b60-bfc8b41202fd&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Request Chain 131

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/cd446257-2e0a-4200-a770-328269ffdd8a

Request Chain 133

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4 HTTP 302
https://onetag-sys.com/sync/i,34/6573734568301201423

Request Chain 134

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1603681157827408698

Request Chain 136

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 137

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A&google_tc=

Request Chain 140

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEILZ_aVGgdmW6CNDJtftn9w&google_cver=1

Request Chain 143

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

Request Chain 144

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Request Chain 145

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=IqEpPyb2LDE58Ck4d_cxMHGlLm45pno4J6VnyDWE HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

146 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
weakstreams.com/
Redirect Chain

http://weakspell.com/
http://weakstreams.com/

28 KB
8 KB

55ms
37ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://weakstreams.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

de50c4b2ed2b7779b6cd7da05e94cf9b4bff502c847fe1334c226f636f61fbd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3575
CF-Cache-Status: HIT
CF-RAY: 6fb6d7113ab88fe3-FRA
Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Apr 2022 20:09:33 GMT
Last-Modified: Wed, 13 Apr 2022 19:09:58 GMT
Link: <http://weakstreams.com/wp-json/>; rel="https://api.w.org/"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8touA%2BDNe5Udy1NyURVJ8o%2B6UB8skBrKod%2BH5rfWj4XHymJaDF2AjHbvX2qgz1FCEhQBfusJziOliu9wFXidnLyGZ7Z3%2FB3HEdqMmSxnEP%2F5ioSas4xfKWIsZcy05Se0uKdjKufKi%2BEIiFDT3gA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: DLEMP
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 57
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Apr 2022 20:09:33 GMT
Location: http://weakstreams.com
Server: nginx
X-Served-By: Namecheap URL Forward

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 56ms
29ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6768648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KM9WC41QGTX7314V
x-amz-id-2: TqDxe5m1nS2C2HKJ9SMMtMLcj2P4narsgLwmcYcxIk7ANB1KgDzcEqrWwy2kRUs3bR4KzxnMk+U=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrNSgBaY0byjPoGoqYc2a3qkT%2BnQrIZVA%2BM2%2B02IEy%2FheHjZNn7rLLpdeBvRKHBxI%2FXGvDiNKnWc9w%2BsOQpgnfZcvlhFSKxMCrzQGaq4I9tJSX1JEwkvyJOcShba67Sk8JgGaypMwnlY5QrHHE8rf3LN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6fb6d711ca5b91e9-FRA

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 1008 B
1 KB 155ms
136ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://services.vlitag.com/adv1/?q=a7252188c690b03159f6d8ca5ad5425f
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e505f136a0c71eedb2c6c969b2113b890a72f4a2f877a045ceb752b6f3460ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Wed, 13 Apr 2022 20:09:33 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 6fb6d711b9af9972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK style.min.css
weakstreams.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 31ms
29ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2895
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-13abe"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU4LGiSbn4qjKEZWHM4F8e%2FZUGP%2FEd7DnmHucXpt6Re4Q0fSFKOHvhW8z4TYirFZD5M8Yrqv6EKMctnXgUQe%2BCzQ6dYlL6HIce1Ylc256vc%2BGBNKPs3xCnOSNhHQXHxFpCbwfSPfc22nVKEu%2Fpg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7119b838fe3-FRA
Expires: Fri, 13 May 2022 19:21:18 GMT

GET
H/1.1 200
OK frontend.css
weakstreams.com/wp-content/plugins/wp-dark-mode/assets/css/ 28 KB
4 KB 39ms
31ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/plugins/wp-dark-mode/assets/css/frontend.css?ver=2.2.3
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5e880c8de639677c2ec0a2759d646fc8a6ff41245d648994176a8f1f22c0dcaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2980
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 04:06:24 GMT
Server: cloudflare
ETag: W/"61d7bc40-6f7f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jb26npZztR1YVyJQEgHf5BTMGdpRs4%2Bdr3XrC%2BTtGbz2jOCpTg%2FmHG%2BjWuYtcTl%2FiMk1TrkMC2l3lTA7DBqEFVZ7piY8VKPXwytkHikyHipWQIFk%2Fga5mZheqk%2FhBvU0Dd5CxR6YMTqfloWfsTM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Fri, 13 May 2022 19:19:53 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=28543
CF-RAY: 6fb6d711aade9b8e-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK style.css
weakstreams.com/wp-content/themes/twentyfourteen/ 72 KB
14 KB 43ms
35ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/style.css?ver=5.8.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 0fb530167abf9b6bf2481c7feb2967b3e66c66f9db844eb1f0eb6e777ee535e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3601
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 23 Sep 2021 13:08:40 GMT
Server: cloudflare
ETag: W/"614c7c58-18431"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kivzO1ZMavBMasCIbX5jePmYhvphKitJhONrEm1ypf%2BmUqkWbbGVLebl%2Bo9KNe5DIgqdTSBPAq34GFBnfAKx1QddHFsf9cw3dETS7ZiPAgohh6iIjoPTSVkvdQUzfDuRZItYz%2BeXlvPVw5sxnN8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Fri, 13 May 2022 19:09:32 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=99377
CF-RAY: 6fb6d711ad489152-FRA
Cf-Bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: weakstreams.com
URL: http://weakstreams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

891f297e31f36ff74f887d8862c4f1456e8ba58babb66592cea99be878390e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 19:24:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 20:09:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 20:09:33 GMT

GET
H/1.1 200
OK genericons.css
weakstreams.com/wp-content/themes/twentyfourteen/genericons/ 28 KB
19 KB 30ms
23ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 0d592e90d2e1764438cac053d90e029c4ef7142435795f57a89dc16ddce0ca23

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3486
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Jul 2020 02:57:30 GMT
Server: cloudflare
ETag: W/"5f0a7c1a-7a0a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNc0qHYg88H6mZ0b2GMCT6UilZuhMG6lbPO0p8mCy9rl0dwtKzb5TztDrxy7zb837CGs7xw%2BMEW8wwujHkxGrvtbdrmTAcg%2BQ9jU1CZg18Lka269BZnIYZ8ySaCrZqyT27NMTh9X5KH8XD7jZ%2Fc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Fri, 13 May 2022 19:11:27 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=31242
CF-RAY: 6fb6d711ad6b9b6e-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK style.css
weakstreams.com/wp-content/themes/fourteenpress/ 480 B
1 KB 61ms
54ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/themes/fourteenpress/style.css?ver=20190507
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d401647007f1293fa897db13018f228ed4c191a790ccc9187c177a421d1d9a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3094
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Jun 2021 10:18:20 GMT
Server: cloudflare
ETag: W/"60bf43ec-654"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkXsq4DzkT%2FXI8KsHb0lsd5PtChrZ%2FsWme%2FjW4%2B6SyiQUc0A3yGWmDifyjfBioY6TF9CG5gfkQakw%2FlEB63iZb2wOAdh1yO%2BOMVjgPxYXImnMzWWrBi%2F9ODf%2FkDWPcSpLHmpjGSEt%2FDQw5klFTw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Fri, 13 May 2022 19:17:59 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=1620
CF-RAY: 6fb6d711acd19a1d-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK blocks.css
weakstreams.com/wp-content/themes/twentyfourteen/css/ 5 KB
2 KB 33ms
25ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 28491d4111952bdf89279a46420f26a28d788d664ac17267937ea70b5b22764c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2560
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Jul 2020 02:57:30 GMT
Server: cloudflare
ETag: W/"5f0a7c1a-1e95"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKOaLRwr4ptMsJ1PUjsrRaqmKeAcF%2FEbCUONfVu6kr%2FHFuhdTBvUy5TuA%2BZiEJaymgZxf6HHlDgxHn6PEBihqPTrcDSyaz3cyC%2BAeRvtxgXjHa%2FPjkS3hmBOn7%2Fb88fgbteu0acjYlpADxO8wO4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Fri, 13 May 2022 19:26:53 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=7829
CF-RAY: 6fb6d711a9279000-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK jquery.min.js Show response
weakstreams.com/wp-includes/js/jquery/ 87 KB
31 KB 48ms
16ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4320
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-15db1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QLCleiyEcYRtddfrholEW8yMaTG8jYZk0lajrb6vYsGUmJIvoIsNnK%2FJJDzzggb4k6i89AxltSKQnfWNmXPJOizUGThN8lG0ADGC9zkYBIcUNefjkRIWMrdxgAgjwllBFBAiu2oGzU7AvEDM0M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d711cdcc9b6e-FRA
Expires: Fri, 13 May 2022 18:57:33 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
weakstreams.com/wp-includes/js/jquery/ 11 KB
5 KB 45ms
15ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7078
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-2bd8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yr5v%2FJRz0FIhOo3uqmSU9hQiMY0CouxtOXxHt91KGg3SD8ehKvHiANDj4rCEuhXXtIsGrOgTsnExM67wOuKvhoQz6haXYQ%2FQiNr4p6lLRNtEyRS4mqk8AYghjrWVP%2Bpf5gkUZoS6Vii%2Bi12wRM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d711cc188fe3-FRA
Expires: Fri, 13 May 2022 18:11:34 GMT

GET
H/1.1 200
OK dark-mode.js Show response
weakstreams.com/wp-content/plugins/wp-dark-mode/assets/js/ 60 KB
20 KB 49ms
16ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.js?ver=2.2.3
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e3511df69c286f7065973f31a1ea1ed5e1536a5fdc4ccef1b494da064836f379

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3173
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 04:06:24 GMT
Server: cloudflare
ETag: W/"61d7bc40-ee41"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipw7zAJroaLktNTV2ogoOT6cBCBXkZFmNAY7fc4X2CFLa%2FlBef4pbsEgMQD3z8N6N5LV4wMcUUVye6BezVaVJiWy8aRKcO6NHY78unR85N3snlFFcWNKvR3LO1%2FVb1NNhF1sJ8ONW6lgd8dites%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Fri, 13 May 2022 19:16:40 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=60993
CF-RAY: 6fb6d711d9799000-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK logo.png
weakstreams.com/ 9 KB
10 KB 19ms
17ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/logo.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: ba462ce8e635f0fa1ede82d95e872e1ad1843a678e4781dbf56e67d685c6ce1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7175
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 9379
Last-Modified: Thu, 23 Sep 2021 14:32:48 GMT
Server: cloudflare
ETag: "614c9010-24a3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PohMNj57DlSTdSmFgxuNLYH54Dsk8hTACSaJushjbFzxfs%2FMxpXPymEVtQ6uWReu25VsEuZjrG8QCFS33kWBT4maW150UJZIfPKzbFyomLdmeg0ol2Unyvt8esSOpYzKbySyYFIp0rmoaifXgUQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712ce4a8fe3-FRA
Expires: Fri, 13 May 2022 18:09:58 GMT

GET
H/1.1 200
OK sun.svg
weakstreams.com/wp-content/plugins/wp-dark-mode/assets/images/btn-3/ 863 B
1 KB 19ms
18ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/plugins/wp-dark-mode/assets/images/btn-3/sun.svg
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 1b5a4b210950515793f186293b3af2410a5e67e5a541672926ca8d7fe3e7ae36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3285
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 04:06:24 GMT
Server: cloudflare
ETag: W/"61d7bc40-35f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SjEf593yoxRyv7XM%2FZ8GtL3wD%2BjTe%2BRJY%2FNUntk9PnqiYxRemD2Bo6hxFb%2BF%2FluscNa4Kvzy5wLPSyrO9yGEy0eAkokcA6ekgz9rYY2xloxHVXp2rvccxzl7YwoPq0Q7Q5Hvpl3%2BTRo6vKTaDo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d712c8199152-FRA
Expires: Fri, 13 May 2022 19:14:48 GMT

GET
H/1.1 200
OK moon.svg
weakstreams.com/wp-content/plugins/wp-dark-mode/assets/images/btn-3/ 685 B
1 KB 16ms
15ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/plugins/wp-dark-mode/assets/images/btn-3/moon.svg
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e2d671327bb6325b532289bffa23656e0564f1feade02f81cd9fabaaaf88eebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1848
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 04:06:24 GMT
Server: cloudflare
ETag: W/"61d7bc40-2ad"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuwKyJXNxnxJl8JQE8Ma6f7nXWeG%2F9M9ohUNH%2BCu7BT8J6klv6ydeuoiNGPiiR7BLDbq9fXDeWsGAMfuLsOjhPN%2B6ofxQqP2Y5cjTkl3zXGx5uy0OkDxgzodC1na1YsGT63NPEbISh4AvPr7fFE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d712cd979b8e-FRA
Expires: Fri, 13 May 2022 19:38:45 GMT

GET
H/1.1 200
OK underscore.min.js Show response
weakstreams.com/wp-includes/js/ 19 KB
8 KB 20ms
20ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 617
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-4a84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhYIEY9D%2Ft%2BZumAXE6spac3FJii3TGYNynCVvQojGcaXFctC2i6Sj4mqTwDxQanS8l1OcXENibnL3GIG4RaGlxyIrJLt62J8UfI1FzLDN8j2I9FxR99y4CvNJkHdgVM62aFnw08PoOKqWueEGNY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7120dbc9a1d-FRA
Expires: Fri, 13 May 2022 19:59:16 GMT

GET
H/1.1 200
OK wp-util.min.js Show response
weakstreams.com/wp-includes/js/ 1 KB
2 KB 15ms
15ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/wp-util.min.js?ver=5.8.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3093
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-53c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMc7dMXt4lOXVmm%2FFXXkz8os7cDYCSwbx2yKVu71Z40pEYdo9wHMIQqSA2wq5Dy0nZ4%2FPpHyZiOew7tlAdhdjnv2MusIpCOoAyJWpQJM2KXn1F7BHAQSpzBCKcJ3p0wdIF7hrEz3pNMyJAR%2BmbA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7122e119a1d-FRA
Expires: Fri, 13 May 2022 19:18:00 GMT

GET
H/1.1 200
OK frontend.min.js Show response
weakstreams.com/wp-content/plugins/wp-dark-mode/assets/js/ 8 KB
3 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=2.2.3
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 101e7af6edd4d028c5fb43b0bfb990e13fe7b47e6dccd045aac2bdc51d92a8e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2802
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 17:05:48 GMT
Server: cloudflare
ETag: W/"61d872ec-2067"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80jbrT1klFm5Kud1uXk7PnbJ2LAcJT7QlfT%2F%2B7t050pLu3rUkbO6NAe4LY79QQuO3Ioa26u6pN7NQ3opFN8A1FekKKEItSGFo1Q6B%2F5L2tVM9fgMnXC2K6BKd%2BB3Z%2BsVm1n98tW%2FE2yCaQ9SVEQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7123e509a1d-FRA
Expires: Fri, 13 May 2022 19:22:51 GMT

GET
H/1.1 200
OK imagesloaded.min.js Show response
weakstreams.com/wp-includes/js/ 5 KB
3 KB 25ms
25ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3336
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-15fd"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpwcLHNgysOtal5XJ3SQb%2FmIwcyopFGWYEsEDRTX7rISEhKsMAGir5DOxLUJ7DFe7yS8L3H%2FbddNAr63T1Oe57t6KNL2iFJ%2BipP%2BzkAaqjvsMb9KYgiVOiX3u2WEtwcln1QtRitjfYqxaSUu1e0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7128f039a1d-FRA
Expires: Fri, 13 May 2022 19:13:57 GMT

GET
H/1.1 200
OK masonry.min.js Show response
weakstreams.com/wp-includes/js/ 24 KB
8 KB 18ms
18ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2936
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-5e4a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHr0GvUZrDZVCyjepcUzdmz7q%2F86GFLYXWUyjFZdXvQs%2FFXcOS3UkxhGYIP3zZkoBGqvbiVRsKwBmDRNz9bMRytsjp0kOWXZvarSkcKz31fRcWCulfakqwwSziQ7vkMupGK0nIDvAqCWXHoiyWA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d7129aeb9000-FRA
Expires: Fri, 13 May 2022 19:20:37 GMT

GET
H/1.1 200
OK jquery.masonry.min.js Show response
weakstreams.com/wp-includes/js/jquery/ 2 KB
2 KB 16ms
15ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 295
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 Aug 2016 11:55:30 GMT
Server: cloudflare
ETag: W/"57b5a232-71b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLrYAX%2FWtHqfQjy8ogsM55bUXJSCUkenwtp8gDzUqwD7LTHj%2BXuGs4E7M9Sd1qr8mErnMszvuGMTLwtOusY6xFNajPq55QD1yUx9JrtQA7NRsSo1V%2BfXtt%2BYxYjOqdyzs4yJdEh93ewZq2w0dG0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d712cb789000-FRA
Expires: Fri, 13 May 2022 20:04:37 GMT

GET
H/1.1 200
OK functions.js Show response
weakstreams.com/wp-content/themes/twentyfourteen/js/ 4 KB
2 KB 20ms
18ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20171218
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: ad77c9e3611a79ed355cbe5fe68efc7bb59b7357caf283271c547be0b714df36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3189
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Jul 2020 02:57:32 GMT
Server: cloudflare
ETag: W/"5f0a7c1c-179a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExRvGPCrBQJHKXq3pxBrmLHsXEVbQDSI7Peo1AYmsAM27voBtXRaSg%2BiHedKYQDQJbx6STTdvwpTaJ5YoDgaDMMQk3YSVzkiBIWRgSFGQFuISWvVcKLyFx%2B4B0lZvNvIyey7dzjEVV3geJPlhpk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Fri, 13 May 2022 19:16:24 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Polished: origSize=6042
CF-RAY: 6fb6d712cf9f9a1d-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK wp-embed.min.js Show response
weakstreams.com/wp-includes/js/ 1 KB
2 KB 24ms
23ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1006
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 May 2021 02:21:10 GMT
Server: cloudflare
ETag: W/"609c8d16-592"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCVC2%2FKuj7SYdART6RzH94jQzegwq%2B73NnsPYgegwqY8AY0JKl80Lv3O1dWKsVsM%2FgbGwJjYeNDCJBU2D1Z7ew%2FOySDZ4y%2FkXaDWqY6o%2F3BvmaFqOSZc5TTusG9CRW75j8j4iFIonYQC22VfjyM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d712c8de9b6e-FRA
Expires: Fri, 13 May 2022 19:52:47 GMT

GET
H/1.1 200
OK nwsu.js Show response
befirstcdn.com/script/ 167 KB
53 KB 49ms
31ms Script
application/javascript 2606:4700::6810:a465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://befirstcdn.com/script/nwsu.js
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57793c72d367be6d5a6c31d150789c52aaf02a5709036e37996a7d0923bf5a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 476
X-GUploader-UploadID: ADPycdvayRLlLjxPZ0oyUJkIY3wZqHkdAwHJVi_qq45X0kWrrhI0gWj6s3JtPgnUGWpl6-ILG1mXsidwYGCTvpzxEBuz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: application/javascript
Last-Modified: Tue, 12 Apr 2022 06:47:07 GMT
Server: cloudflare
ETag: W/"5081a251f922d8221166a610141b2844"
Vary: Accept-Encoding
x-goog-hash: crc32c=oipbAA==, md5=UIGiUfki2CIRZqYQFBsoRA==
x-goog-generation: 1649746027425280
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 171015
CF-RAY: 6fb6d712e8cc91f9-FRA
Expires: Thu, 14 Apr 2022 00:09:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145079013-1

Requested by

Host: weakstreams.com
URL: http://weakstreams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3439f92804f8cce08ab5d2c45845d33e7e3f9c2e8939a67e4884defff195b20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38424
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Apr 2022 20:09:33 GMT

GET
H2 200 vld.json Show response
services.vlitag.com/uv/ 13 B
385 B 46ms
27ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/uv/vld.json?page_url=http%3A%2F%2Fweakstreams.com%2F&mtk=18035&ctt=1649839761
Requested by: Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=a7252188c690b03159f6d8ca5ad5425f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:33 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2022 08:49:37 GMT
server: cloudflare
age: 36838
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://weakstreams.com
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6fb6d712b87c90ac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 200
OK a7252188c690b03159f6d8ca5ad5425f.js Show response
tag.vlitag.com/v1/1649839761/ 524 KB
138 KB 43ms
26ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE
Requested by: Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=a7252188c690b03159f6d8ca5ad5425f
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb5647b263126f107c222a6308576dea731dba415a66c69e2add5c38e55168d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Cf-Bgj: minify
Server: cloudflare
Age: 39249
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Last-Modified: Wed, 13 Apr 2022 08:49:32 GMT
Connection: keep-alive
CF-RAY: 6fb6d712eb3f925f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
weakstreams.com/wp-includes/js/ 18 KB
6 KB 24ms
24ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weakstreams.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2457
X-Powered-By: DLEMP
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 12 Sep 2021 07:42:48 GMT
Server: cloudflare
ETag: W/"613daf78-4705"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SckqXIX4ECFykRdZX3xKL1JHFs6OTsFf3LjRdwrrfMGlw32JKsJoQAlJkzcruplupJVkSpKHKhlU3GwC6RU7u27IIXQKear3q7r%2B6QwhTNgHC4rWBll6dmb%2FjwnWVYyiexQ1b%2BvkLkyzqW%2BEe8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
CF-RAY: 6fb6d712ebb99000-FRA
Expires: Fri, 13 May 2022 19:28:36 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0

Request headers

Referer: http://weakstreams.com/
Origin: http://weakstreams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://weakstreams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 2318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://weakstreams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 2295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:31:18 GMT

GET
H/1.1 200
OK soccer.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 9 KB
9 KB 21ms
20ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/soccer.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 868b8bb442dd4bd3803279d5a92abd16f1b49fae0c4ba2b6827fc2fe8d2f8f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2998
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 8850
Last-Modified: Thu, 10 Jun 2021 07:38:52 GMT
Server: cloudflare
ETag: "60c1c18c-2292"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4RgzHVNENzY0Ay40nA%2B9qSmqxA6quwwsDiDyHaDWif3s5YKn9JLFkfi0qY3h%2ByIfKuMKvi3qwurPfq3zB1NaIMZaTzUR3yNhYOmAGMq7K9%2BdGBp1nVfRR2b72CGeOBaPB4sprgFvP8JWng3y7w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712f94d9b6e-FRA
Expires: Fri, 13 May 2022 19:19:35 GMT

GET
H/1.1 200
OK nfl.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 7 KB
8 KB 20ms
19ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/nfl.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 07948b47aeb2c381cdc6288c43b2fdaa6593d2482e713aa9853ff4da3bce3537

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 754
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 7482
Last-Modified: Thu, 10 Jun 2021 07:43:58 GMT
Server: cloudflare
ETag: "60c1c2be-1d3a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K66Dhoq0XqA3K5nXYF9eka14kq7JAtAULHJ4JoJSTke3gqoVv5prFCbZWBZ2Qz7p2lMob0SBKWajg1mO8jbsxe%2FVnB62pmw23AlWNoba7Pei57JSXk4jsBlJ%2B3E3hxrKlAe5lAeTeQyuzDfqEVs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712fec98fe3-FRA
Expires: Fri, 13 May 2022 19:56:59 GMT

GET
H/1.1 200
OK nba.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 9 KB
10 KB 19ms
18ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/nba.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 8666e92d8203fd8fe3e28ffd63c6cd2266ba7799d1258208a4b25c07a5809234

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3074
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 8934
Last-Modified: Thu, 10 Jun 2021 07:43:56 GMT
Server: cloudflare
ETag: "60c1c2bc-22e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw4DxFiVBUKoVRocCo3R7MRaB0BoDXrHdZENpyDonImPnqq0alb%2Bx3nMxyh%2BTNxOwqJ7cBvNDZ8BHENdgtKPEB%2FMs2hibw%2FsvoKzM1QgqrIeCMn1DRbnc%2Ff0OjehtaOHgHPBwjau5VxLcLgK12c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712f8a09152-FRA
Expires: Fri, 13 May 2022 19:18:19 GMT

GET
H/1.1 200
OK nhl.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 5 KB
6 KB 16ms
16ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/nhl.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 9d2dc93d78a574c2e1bbe6155ddcec052e0f5bc527243ce85aba5e7a8d924fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6561
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 5585
Last-Modified: Thu, 10 Jun 2021 07:43:58 GMT
Server: cloudflare
ETag: "60c1c2be-15d1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGVPsIJsy%2FjSynsPrSKFaQ0vV6FnCKbbpz%2FtuaW4QCJwTkD8LYNEG8Gh3M9DMflLKkZ%2FHhAtSCVidGjInZ1Pv2nYAJ6pVLVeQDZiRHebVRJs4xubBP9ZZJMRxDhWkZN84xneTBspz6O7ted6REM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712f80e9a1d-FRA
Expires: Fri, 13 May 2022 18:20:12 GMT

GET
H/1.1 200
OK mlb.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 9 KB
10 KB 17ms
16ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/mlb.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 0c400b4094040a4a01dc06f4217b28c2995c01e3c4bdc62d1447dd8f8b637927

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5626
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 9391
Last-Modified: Thu, 10 Jun 2021 07:43:56 GMT
Server: cloudflare
ETag: "60c1c2bc-24af"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZE944F%2FAtLjvQS3jkcMZ%2FwR6%2FkQyRGgX%2FDDaJ%2B2q6liUJQdn9Aq4ibSwSdpQZpGs%2BS42MBYFn1B5QmqlkwDFhzWUOfJXbUnm8fDHLxJpiNsjD380tn4WfU72NGyckUv6G72sIsMG4PjbW5WaLg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d712fe0c9b8e-FRA
Expires: Fri, 13 May 2022 18:35:47 GMT

GET
H/1.1 200
OK mma.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 7 KB
8 KB 16ms
14ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/mma.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 59f1c5465371205cfdb79dd3b08602ee13838e819116a3fd4794711030b0357e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 367
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 6941
Last-Modified: Thu, 10 Jun 2021 07:43:52 GMT
Server: cloudflare
ETag: "60c1c2b8-1b1d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQucTLyI6WSWSP5oBS%2FO1BEXJ84%2BooCUyyEhyvxr8SUcSm2AMOUSv0n%2Ffb%2FQ3EcvQg2dYslaUd2ipRNsawNvOUcnLqOzTMqcITw%2FNaEzoaDSwS0tVqG1POYupewin5fyq9Y2a2V4ZUoix0BYRMA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d7130bf69000-FRA
Expires: Fri, 13 May 2022 20:03:26 GMT

GET
H/1.1 200
OK boxing.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 7 KB
7 KB 37ms
23ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/boxing.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: a8f289144b0c29011dec73356760be435f2bff1374f57ef8c47bdebf85481069

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 725
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 6705
Last-Modified: Thu, 10 Jun 2021 07:43:50 GMT
Server: cloudflare
ETag: "60c1c2b6-1a31"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFyCc8elGzeVZbGe4xqe15e%2F6ASEnojoU1q5Dwey%2Brd221lRLNLivEgayb8O25sR9SfS5oWIKqnpK%2B68S9y9qN5lwfK5OrAS2tST1TXTnTeI7YEIU6TXL7Q0VjNXyShyIy%2FpzlBGmDbm9Eqdcts%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d71318f09152-FRA
Expires: Fri, 13 May 2022 19:57:28 GMT

GET
H/1.1 200
OK f1.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 8 KB
9 KB 33ms
19ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/f1.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: abd3d8fa018de1700f2812cd87ae4f4d2a69b1c0e87d16e1e08fb27e84704121

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6245
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 8325
Last-Modified: Tue, 03 Aug 2021 03:02:22 GMT
Server: cloudflare
ETag: "6108b1be-2085"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7PSeT8B0a961b2zi5xjc6YC5ibOf9PmbEkjuYVHhNNWp9F7NTNAxLDlbiOpWnYmS1%2Bo6xENfKEJa3AY5G4VlLYTJOPuMDaFOTaCyXZHqJxQprklTkCVIdcesbzyZiDHuxBSJXGV4TAtReEAU74%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d7131f1f8fe3-FRA
Expires: Fri, 13 May 2022 18:25:28 GMT

GET
H/1.1 200
OK tennis.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 7 KB
7 KB 27ms
16ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/tennis.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 46d8d0a590fc1be472fdd8416c3cab18089c24a754e00c6b4fec7685bd299a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6561
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 6778
Last-Modified: Tue, 03 Aug 2021 03:15:22 GMT
Server: cloudflare
ETag: "6108b4ca-1a7a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc7ucJf1IvSbIKA7JgzJqPqYPD4qDekRLMW5TU5oaNyOiu9Re9vRYDQ3m8McXoaqHo4dnMBs9zUhi75gGnxeDAQq3AImAX4q5Ly2wKhVJTYUTnUyIWAYLnuroeK7ijgboGHwQLnkCdaVKLLHnPQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d71318569a1d-FRA
Expires: Fri, 13 May 2022 18:20:12 GMT

GET
H/1.1 200
OK Cricket.png
weakstreams.com/wp-content/themes/twentyfourteen/images/ 7 KB
8 KB 26ms
14ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weakstreams.com/wp-content/themes/twentyfourteen/images/Cricket.png
Requested by: Host: weakstreams.com
URL: http://weakstreams.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 652eadae1a67317f46ba303b6be673ae728d7d26224ec53b2a26c6debae48bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5602
X-Powered-By: DLEMP
Connection: keep-alive
Content-Length: 7592
Last-Modified: Tue, 03 Aug 2021 03:19:48 GMT
Server: cloudflare
ETag: "6108b5d4-1da8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaV6rqEsC%2B73AsTvJ9emCXwgqWFqfwMPMs2dkIyhlAXvY23w7cubSGPj%2F9QjC8mLFCF3tmjkhz42oA%2FB43QCcvvbZIjwN3KPQ6UBQ7S%2Bpu6uWd%2BlQ3vDPEjiITaUDjrZ5Hnb3obS0L6AkucUBJo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 6fb6d7131e4e9b8e-FRA
Expires: Fri, 13 May 2022 18:36:11 GMT

GET
H/1.1 200
OK ut.js Show response
befirstcdn.com/script/ 106 KB
34 KB 23ms
23ms Script
application/javascript 2606:4700::6810:a465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://befirstcdn.com/script/ut.js?cb=1649880573971
Requested by: Host: befirstcdn.com
URL: http://befirstcdn.com/script/nwsu.js
Protocol: HTTP/1.1
Server: 2606:4700::6810:a465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14223e9b7fc0b453ace4795cfb257501ba7f327b6de9b0dc7f01fbde72b5f3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 513
X-GUploader-UploadID: ADPycdvk-H_wkUL-ABrQliGym36JpvbZibXw8koEu2Fyecf7dJlLl13saxP-uF0Yapao1t9_uNvaOqxQfUTQ01mmRp0zOswXPkkP
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: application/javascript
Last-Modified: Tue, 12 Apr 2022 06:47:43 GMT
Server: cloudflare
ETag: W/"a3d826866ca0efc0cd8c09eec5ad9341"
Vary: Accept-Encoding
x-goog-hash: crc32c=0Z+KXg==, md5=o9gmhmyg78DNjAnuxa2TQQ==
x-goog-generation: 1649746063762665
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 108930
CF-RAY: 6fb6d713598e91f9-FRA
Expires: Thu, 14 Apr 2022 00:09:33 GMT

GET
H/1.1 200
OK suurl4.php Show response
youradexchange.com/script/ 995 B
1004 B 216ms
201ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/suurl4.php?r=5026951&cbur=0.40349452232780547&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=WeakStreams.com%20-%20NBA%2C%20MMA%2C%20UFC%2C%20Boxing%2C%20NFL%20Sports%20HD%20Streams%20-%20Weakstreams%20-&cbpage=http%3A%2F%2Fweakstreams.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
Requested by: Host: befirstcdn.com
URL: http://befirstcdn.com/script/nwsu.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: ba53e471be0c90abe88a1491a03a4bcde06cbc01881e3b67a4ae8a4f025074df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 13 Apr 2022 20:09:34 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/json; charset=utf-8

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
72 KB 54ms
25ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1137110
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 6fb6d713da4d9ba7-FRA
expires: Tue, 29 Mar 2022 15:39:01 GMT

GET
H/1.1 200
OK prebid-6.14.3.js Show response
assets.vlitag.com/prebid/default/ 597 KB
178 KB 34ms
19ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 1053999
Cf-Polished: origSize=611403
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Apr 2022 15:22:31 GMT
Server: cloudflare
ETag: W/"624718b7-9544b"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Fri, 01 Apr 2022 15:52:50 GMT
Cache-Control: max-age=16070400
CF-RAY: 6fb6d713c88c928f-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b506eaaf30b2200d0d4606f74d281832e9331b1730007d9c0720d4be34cd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1186 / 879 of 1000 / last-modified: 1649866878"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 28334
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Wed, 13 Apr 2022 20:09:34 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 55ms
29ms Script
text/javascript 2a00:1450:4014:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE

Protocol

HTTP/1.1

Server

2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15377398f026b4beb337db55bf9021fb3090d44db1786fec179955ef3b14c2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Vary: Accept-Encoding
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 128424
X-XSS-Protection: 0
Expires: Wed, 13 Apr 2022 20:09:34 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
18 KB 43ms
29ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 1147857
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 6fb6d713cbc2913d-FRA
Expires: Tue, 29 Mar 2022 15:38:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145079013-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2084
date: Wed, 13 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 13 Apr 2022 21:34:50 GMT

GET
H2 200 pubads_impl_2022040701.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 31ms
7ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 16:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127673
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 13 Apr 2023 16:31:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 48 B
696 B 41ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=weakstreams.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9e0b2feac50232a2e19309cc1f282f8116a3e02e53bd196e25d0bbbbd335e206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 20:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
expires: Wed, 13 Apr 2022 20:09:34 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 39ms
7ms XHR
application/json 2600:9000:2156:e200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1

Request headers

Accept: application/json, text/plain, */*
Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 03:00:40 GMT
content-encoding: br
age: 61735
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 19:52:29 GMT
server: AmazonS3
etag: W/"40af78ddd5428a8827297a3108ff0f96"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: ErQ4DdluPZ.uqNFyIPqTjQ9DZM7Y2Y6Q
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: gT2VbkMR3-izjY1kkyFZIOMX64TeZRlT8Fq27G7Mgp59hetyEWlSmA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 40ms
22ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220413

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f79d38dfdc7c2c8c0b86abe620e091e7f08ab89d01bbea99079e48cd05a5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 20:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18513
x-jsd-version: 1.0.1310
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19168-FRA, cache-itm18845-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-hCle58xn/UUmnX3Cy1l3ibLPpDs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXgc9I%2Ble2PIMtdhncwFXKi8GYnr5%2FNloNJvFA6OhSMEqu0VevpK0EKC4ghuqad%2FLEsD8595APmkiVYYB8aFxpG4Dp7tbi5ByPtTW%2Bdhom6vmT9H17OVxf9ud1Fds6vRF6xkNIrw7IgjrJaC%2Bs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6fb6d7150dbc9152-FRA
access-control-expose-headers: *

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 312 KB
36 KB 35ms
8ms XHR
application/json 2600:9000:2240:8600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd01d020ab3fdcfded4ebd18adb322fdd4f4fd2205ca16f6eac48de5c30fdffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 03:00:37 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 61737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 03:00:32 GMT
server: AmazonS3
etag: W/"c8c957a184b1dc159f7560e10e85bad7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Bhlfgqise_XUrmeb_B12TUV0jF6-Wm_I_1eagn6qggZFrtWtKf99MA==

GET
H/1.1 200
OK 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 192 KB
192 KB 19ms
19ms Image
image/jpeg 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/widget/2019/11/05/1572962830.jpg

Requested by

Host: weakstreams.com
URL: http://weakstreams.com/

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 1420029
Cf-Polished: degrade=85, origSize=227959, status=webp_bigger
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 196267
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Nov 2019 14:07:11 GMT
Server: cloudflare
ETag: "5dc1820f-37a77"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Sat, 26 Feb 2022 15:38:46 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6fb6d7152b2a928f-FRA
Cf-Bgj: imgq:85,h2pri

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 14ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=735304122&t=pageview&_s=1&dl=http%3A%2F%2Fweakstreams.com%2F&ul=en-us&de=UTF-8&dt=WeakStreams.com%20-%20NBA%2C%20MMA%2C%20UFC%2C%20Boxing%2C%20NFL%20Sports%20HD%20Streams%20-%20Weakstreams%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1151746947&gjid=1060385184&cid=1452356159.1649880574&tid=UA-145079013-1&_gid=537471787.1649880574&_r=1&gtm=2ou460&z=99942592

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://weakstreams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

videoplayback
r6---sn-n02xgoxufvg3-2gbs.googlevideo.com/
Redirect Chain

http://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y
https://redirector.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%2C134%2C135%2C1...
https://r6---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%...

136 KB
0

98ms
15ms

Media
video/mp4

2a01:28:cb6:3::11
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCz_KdnLNoJBR-km8qCYbzZPk&vprv=1&mime=video%2Fmp4&ns=ISLmO8Vw-Bx0p4bqQviXHckG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=O-e7TcRBlZebpmDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbk_zlKq75mm1Zsje_3UCIFR8tAnyU-YrgIjU56w5yWYCIQDZh1iIc2VXp9Y31kczvqoiB6059t_O7mitgu0VXhJIlQ%3D%3D&cms_redirect=yes&mh=3a&mip=2a02:6ea0:c71b:0:1012:2fb2:f3d9:be0&mm=31&mn=sn-n02xgoxufvg3-2gbs&ms=au&mt=1649880306&mv=m&mvi=6&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMN7Tqqc9n8oA3AhAFXlCwOUrXyrbO-1s2skAL3qhQBkCIQCRy4OevHUVOkhffeN2W4knoF-UQpNaYnfZ_LRmuFmuJw%3D%3D

Requested by

Host: weakstreams.com
URL: http://weakstreams.com/

Protocol

Server

2a01:28:cb6:3::11 , Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:34 GMT
x-restrict-formats-hint: None
last-modified: Mon, 21 Sep 2020 08:51:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-10427992/10427993
client-protocol: quic
cache-control: private, max-age=9036
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 10427993
x-content-type-options: nosniff
expires: Wed, 13 Apr 2022 20:09:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:34 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r6---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1649889910&ei=Fv5WYtGJCIWWkwaP_6e4DA&ip=184.164.141.146&id=o-ABLgnLX1MI9s0WiOgpPlgOV9P3BoUpByzizcmk-5OBOJ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCz_KdnLNoJBR-km8qCYbzZPk&vprv=1&mime=video%2Fmp4&ns=ISLmO8Vw-Bx0p4bqQviXHckG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=O-e7TcRBlZebpmDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbk_zlKq75mm1Zsje_3UCIFR8tAnyU-YrgIjU56w5yWYCIQDZh1iIc2VXp9Y31kczvqoiB6059t_O7mitgu0VXhJIlQ%3D%3D&cms_redirect=yes&mh=3a&mip=2a02:6ea0:c71b:0:1012:2fb2:f3d9:be0&mm=31&mn=sn-n02xgoxufvg3-2gbs&ms=au&mt=1649880306&mv=m&mvi=6&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMN7Tqqc9n8oA3AhAFXlCwOUrXyrbO-1s2skAL3qhQBkCIQCRy4OevHUVOkhffeN2W4knoF-UQpNaYnfZ_LRmuFmuJw%3D%3D
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
123 KB 23ms
8ms Script
text/javascript 2600:9000:2240:8600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 02:55:47 GMT
content-encoding: br
age: 62028
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: dHgoKPH-nl7YCNFKAJm0V1hmzoZ2_P612UNzWV8teKYrL3bNe-5jyg==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 36ms
8ms XHR
text/plain 3.121.92.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22weakstreams.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1649880574377%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-e6xzjw9rmptf6rqb3ge8%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Apr 2022 20:09:34 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
951 B 179ms
21ms Script
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192632
x-amz-request-id: tx6e6f1dacee994dfb86df1-0062543d8e
x-amz-id-2: tx6e6f1dacee994dfb86df1-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUhuJejx8EM9U0yehhHeQZH5WBprhqvDgXX%2BF%2BWd%2F%2BxSd%2BdUIAzlkbvnZRYrp9aErSrQhbagoxi%2BrHobPH3jxX8C%2FNTzFGs7VkB1OBxmC%2FVQ9BPTj89e2G3bED95zA%2FKfnTiEfhO7FeYBl5a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1649687875786561
cf-ray: 6fb6d747fdab9b2e-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 162ms
15ms XHR
application/json 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://weakstreams.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 138 B
837 B 147ms
7ms XHR
application/json 37.252.172.250

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

276257a99489adce80c8cd0b1c51ee037b414d312e4554b37dd4ea08f29524ff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:42 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid: 28e3c4b5-3c21-47c8-a63a-409eaa995f89
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://weakstreams.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 272ms
133ms XHR
text/plain 2606:4700:10::ac43:2ac9

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 20:09:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://weakstreams.com
access-control-allow-credentials: true
cf-ray: 6fb6d747fbbe9174-FRA

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
797 B 152ms
130ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUBPMRzdNBBBeKAPy-ewYK-PMAy-aZae-rqTqeAyatrqyRlmNaKAbYZARdzNwqfftkRqxeNco_TMABZKUBPM_TRwkjNARkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUA,aKAbUU,aBAbTMA,aZAbaA,aUAbaA,KZAbTAARwlNgftzqu,qhhftbxl,jxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:42 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:42 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqiiU%2FSLGpjc28PL9Q71yvJI8veHZohM2uSxAfHmNPZmGST78OtAjvMHB5YWW%2BKxE%2FxdUjykEq5ruSUFi0cOVzSknmYQD9j4I60vSU08DZ6XaSMzZnYKYgHwrLw1cxOpV8IC%2FOUBvamGh87B4Acz9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d7474a16912e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 152ms
21ms XHR
text/plain 185.184.8.90

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://weakstreams.com
date: Wed, 13 Apr 2022 20:09:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 153ms
21ms XHR
application/json 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://weakstreams.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
337 B 259ms
129ms XHR
text/plain 2606:4700:10::ac43:2ac9

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 20:09:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://weakstreams.com
access-control-allow-credentials: true
cf-ray: 6fb6d747fbc39174-FRA

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
799 B 145ms
132ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNrZtrTBwa-TaKT-PYAA-qZwq-MTTetYPYTAAMRlmNKYMbaARdzNwqfftkRqxeNco_TMABZKUKBY_MRwkjNARkjmNKYMbaARwlNkzwigxlt,gftzquRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:42 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:42 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaYtC9naBNyByH9Wkz%2BFgYa%2B0AaDzds5KVcKvxsl1b9irKMKSKdr8gqrlrdS1qCq4yqtloziEpmo3%2FYZTmpq70LQQLEsaElO2bOjuj01RHMTj58qeDDRwp7GkfZBT2seQHjx6US%2BaVI%2FcsmgbyaIrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d7474dd09b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
803 B 148ms
134ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNBqtrtZty-UqwM-PqZy-wwat-KMaZeTZyqTqwRlmNaKAbaARdzNwqfftkRqxeNco_TMABZKUKBY_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:42 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:42 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUAhKwVQQulDZx6Xm6ZfEGsbeXlBcYd7nxVxt50cnY%2BxM%2BJ18%2FOYQ6xxaVikF%2Fjg%2BkGjntd3Am8JPAUsLLaUw1zu%2B2byM4O7bDsFqwHPCY2JjhfLLUZsrOnZ3vBmcfElmfZw%2Fy1f09ZdJCCNjsH44w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d747488b918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 34ms
18ms Fetch
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191446
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txc6b4fca24eb048d38fb6b-0062543f76
x-amz-id-2: txc6b4fca24eb048d38fb6b-0062543f76
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrvGHYD3rH679NgWWkNggkVfbfvYtAL9hATwe%2BPi%2FqHCIY2qyHyLXc25dv1sTCXt9ww1huvV5C0fAbgUi4PIhhG%2FFWmsu704TCTBjCy%2FqDaLyfe%2FmSpvcNag8zLEso1xa8uPfHhZD17IUrAB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1649687874851815
cf-ray: 6fb6d7483e969bee-FRA
access-control-allow-headers: Authorization
expires: Wed, 13 Apr 2022 20:39:42 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 0ACF 706 B
946 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.vlitag.com/passback/?t=1649839761&d=18035&z=76348&divID=vi_1803576348_1&w=970&h=250
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1649839761/a7252188c690b03159f6d8ca5ad5425f.js?cc=DE
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abdc5c969f06968b1ececdb368a2658cdf88e76e4551c00d1b46e01efdab0582

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 13 Apr 2022 08:49:33 GMT
Server: cloudflare
Age: 36759
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6fb6d748eeb1925f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify

GET
H/1.1 200
OK 5.jpg
assets.vlitag.com/ads//970x250/ Frame 0ACF 18 KB
19 KB 33ms
33ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/ads//970x250/5.jpg

Requested by

Host: weakstreams.com
URL: http://weakstreams.com/

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a77f8f7f0228e6c91c9f3573cbc970f235c892338b2159790a766fc29a802c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:42 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 696172
Cf-Polished: qual=85, origFmt=jpeg, origSize=52915
Content-Disposition: inline; filename="5.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 18746
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:46 GMT
Server: cloudflare
ETag: "5dbbbcee-ceb3"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Content-Type: image/webp
Expires: Tue, 05 Apr 2022 01:35:30 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6fb6d7491c93928f-FRA
Cf-Bgj: imgq:85,h2pri

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 24ms
23ms XHR
text/plain 185.184.8.90

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://weakstreams.com
date: Wed, 13 Apr 2022 20:09:43 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 17ms
16ms XHR
application/json 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://weakstreams.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
157 B 212ms
211ms XHR
text/plain 2606:4700:10::ac43:2ac9

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 20:09:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://weakstreams.com
access-control-allow-credentials: true
cf-ray: 6fb6d74fdfc09174-FRA

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
799 B 135ms
134ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNaeyYUyPt-KMeU-PKKw-wwYT-ZrZZKBUTPMePRlmNKYMbaARdzNwqfftkRqxeNco_TMABZKUKBY_MRwkjNARkjmNKYMbaARwlNkzwigxlt,gftzquRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:43 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA8GcRQtDejIxtyo8W%2BeOt6mUyvOe53VRo7ehZnwGUVKfr5GAlAO%2Fm586UdEEk3tvnhQ4LfBIoG2YlWrEt10O8EM0gkPQP%2BXTrGa3LaoAcdLI5vbdwbrW7fgqgy5fuK1YBZ3L%2FD2AdNUmGpXNyWq%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d74fde45918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
799 B 151ms
151ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNYerTMKwU-yUBe-PZwY-wawB-YTPaqyMUwKYeRlmNaKAbaARdzNwqfftkRqxeNco_TMABZKUKBY_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:43 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1hXOjiP5CwwUh3dy3HMLTUDK%2FnkzxvaqZki9IlCCfmlOBdoa0pyDnzOkg44STcvqW7Wce1xV%2F1CIriFjGzv46R6SCFBxt3Pjm7ismuafkB%2FFMpymED%2Fh%2BGRM4U8Nc7yezLNNg3iC98HajjzvOZDgw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d74fde1a9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 13ms
13ms XHR
application/json 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://weakstreams.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 19ms
19ms XHR
text/plain 185.184.8.90

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://weakstreams.com
date: Wed, 13 Apr 2022 20:09:45 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
157 B 257ms
257ms XHR
text/plain 2606:4700:10::ac43:2ac9

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://weakstreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://weakstreams.com
access-control-allow-credentials: true
cf-ray: 6fb6d7588e429174-FRA

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
805 B 135ms
135ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNTwqqPtTe-aUwa-Paaa-MMqa-BwKUTAatewytRlmNKYMbaARdzNwqfftkRqxeNco_TMABZKUKBY_MRwkjNARkjmNKYMbaARwlNgftzqu,kzwigxltRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:45 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:45 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FybBcYjlfvOAGW0zRG%2BR8QpqFh8qntyGQ3Iq8U6y%2FFlx4OPyaRDv%2Fabr0YYUEMYLMeTrI23rjgRtSf%2BKbJe9UcFUtSKGMWZ7LxPLbPfgoIWQpg0xCWjJ%2FYuaqUg18QWDdkOqmgSz%2F4fTEgTAy1%2BZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d7588da89b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK cc.jpeg
px.vliplatform.com/bi-v4/ 0
795 B 132ms
132ms Image
image/jpeg 2606:4700:3037::ac43:9e3b

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMABZRrtNrtl0zghRmNKUKBYRzdNUZwZBUyq-APaY-PePt-wBMY-TKYYewYBMPtARlmNaKAbaARdzNwqfftkRqxeNco_TMABZKUKBY_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9e3b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://weakstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 20:09:45 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 13 Apr 2022 20:09:45 GMT
Server: cloudflare
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYc8N7CfbqSRE9FMbFBw1%2F6DDWzScW75RyoxHVpsgMCiZHOcQQs6q106LnsW29nS3UlOzXaUDqzh800qssQ4FneOBseT2%2BSm4hXf8lFn8pNkOhdYCggCEeNNV1PT93P%2FwvA3R6JpiaDBRH0lifi5sg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=864000, immutable
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6fb6d7588bac918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8B47 4 KB
2 KB 9ms
9ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

6a39f72078142dca60642828a0fd2073ba4921d966e93c4105301d7c8bfd8f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1442
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2A1B 4 KB
2 KB 9ms
8ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

6a39f72078142dca60642828a0fd2073ba4921d966e93c4105301d7c8bfd8f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1442
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1676 4 KB
2 KB 8ms
8ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

6a39f72078142dca60642828a0fd2073ba4921d966e93c4105301d7c8bfd8f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1442
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D273 4 KB
2 KB 8ms
8ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-6.14.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

6a39f72078142dca60642828a0fd2073ba4921d966e93c4105301d7c8bfd8f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://weakstreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1442
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

f20c6257-2e0a-4700-bc9c-616238daa0cf
onetag-sys.com/sync/i,1/ Frame 8B47
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/f20c6257-2e0a-4700-bc9c-616238daa0cf

0
290 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/f20c6257-2e0a-4700-bc9c-616238daa0cf

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 13 Apr 2022 20:09:46 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/f20c6257-2e0a-4700-bc9c-616238daa0cf
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Apr 2022 20:09:45 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8B47 0
239 B 55ms
11ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

8477243782789184426
onetag-sys.com/sync/i,34/ Frame 8B47
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://onetag-sys.com/sync/i,34/8477243782789184426

0
290 B

9ms
9ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/8477243782789184426

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/8477243782789184426
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 8B47
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

0
291 B

14ms
13ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 15022fb9-36fd-47f0-b632-5cddb3bf1135
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 8B47 0
239 B 52ms
12ms Image
image/gif 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame 8B47
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

22ms
21ms

Image
text/plain

52.59.66.68

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

52.59.66.68 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B47
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ&google_tc=

170 B
188 B

69ms
41ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjZ9WpEHNMFqMZLS_bWy1NrdNNsVwQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 8B47 0
75 B 404ms
16ms Image
text/plain 185.86.137.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 8B47 0
0 49ms
17ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8B47
Redirect Chain

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

43 B
556 B

390ms
95ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S2CTDZ7H2MANAHQ3MXT4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 8B47 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 8B47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJcmFiOUq4RDuYXt16e1yLk&google_cver=1

0
291 B

10ms
9ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJcmFiOUq4RDuYXt16e1yLk&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJcmFiOUq4RDuYXt16e1yLk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 8B47
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A
date: Wed, 13 Apr 2022 20:09:45 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 8B47
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

43 B
370 B

9ms
9ms

Image
image/gif

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame 8B47
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920440752985&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

0
291 B

8ms
7ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582410&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 13 Apr 2022 20:09:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

99616257-2e0a-4c00-a5e6-fd143524af7d
onetag-sys.com/sync/i,1/ Frame 2A1B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/99616257-2e0a-4c00-a5e6-fd143524af7d

0
290 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/99616257-2e0a-4c00-a5e6-fd143524af7d

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 13 Apr 2022 20:09:46 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/99616257-2e0a-4c00-a5e6-fd143524af7d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Apr 2022 20:09:45 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2A1B 0
239 B 262ms
221ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

3638762136252355038
onetag-sys.com/sync/i,34/ Frame 2A1B
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://onetag-sys.com/sync/i,34/3638762136252355038

0
290 B

9ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/3638762136252355038

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/3638762136252355038
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 2A1B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20d020dc-8d51-4cdc-8f1f-f72f75924f0e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1878447394561167083
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2A1B 0
239 B 49ms
11ms Image
image/gif 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame 2A1B
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

21ms
20ms

Image
text/plain

52.59.66.68

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

52.59.66.68 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A1B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ&google_tc=

170 B
188 B

61ms
33ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkjwbgdidUnvaPTy-phH_osXRAJv9UQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 2A1B 0
75 B 402ms
17ms Image
text/plain 185.86.137.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 2A1B 0
0 47ms
18ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2A1B
Redirect Chain

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

43 B
556 B

385ms
96ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TCB5N3FBQ0870QZ8REH3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 2A1B 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 2A1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfI_c0nVCAi22qZKMm2wGk&google_cver=1

0
291 B

9ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfI_c0nVCAi22qZKMm2wGk&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfI_c0nVCAi22qZKMm2wGk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 2A1B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

0
291 B

9ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A
date: Wed, 13 Apr 2022 20:09:45 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 2A1B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

43 B
370 B

8ms
8ms

Image
image/gif

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame 2A1B
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag
https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559723017563303&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880583673&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 13 Apr 2022 20:09:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

4e466257-2e0a-4800-bef5-e715640eefe1
onetag-sys.com/sync/i,1/ Frame 1676
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/4e466257-2e0a-4800-bef5-e715640eefe1

0
290 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/4e466257-2e0a-4800-bef5-e715640eefe1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 13 Apr 2022 20:09:46 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x49 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/4e466257-2e0a-4800-bef5-e715640eefe1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Apr 2022 20:09:45 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1676 0
239 B 52ms
13ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

200

2406683242989810191
onetag-sys.com/sync/i,34/ Frame 1676
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://onetag-sys.com/sync/i,34/2406683242989810191

0
290 B

9ms
9ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/2406683242989810191

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/2406683242989810191
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 1676
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9006142924590647076

0
291 B

15ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9006142924590647076

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fa4d71e7-6e1d-41b3-89a0-52859af88ec9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=9006142924590647076
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1676 0
239 B 46ms
12ms Image
image/gif 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame 1676
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

21ms
21ms

Image
text/plain

52.59.66.68

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

52.59.66.68 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1676
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w&google_tc=

170 B
188 B

61ms
33ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSLkj3PLGTtX2FuwMM0Wop0mFHVEQQ11w&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 1676 0
75 B 399ms
17ms Image
text/plain 185.86.137.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 1676 0
0 45ms
19ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1676
Redirect Chain

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

43 B
556 B

385ms
95ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QAW2B4GMVGXYHVMSR5H9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 1676 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 1676
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECX0dRpDlhzc2IqDvNlJXdE&google_cver=1

0
291 B

9ms
9ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESECX0dRpDlhzc2IqDvNlJXdE&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESECX0dRpDlhzc2IqDvNlJXdE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 1676
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-QGsRWmdE2uEUuVQzr66UVYXT8Q0JZDIB6cAhuuY-~A
date: Wed, 13 Apr 2022 20:09:45 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 1676
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

43 B
370 B

9ms
9ms

Image
image/gif

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame 1676
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ade05092-5f17-4eb9-9b60-bfc8b41202fd&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880582417&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 13 Apr 2022 20:09:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cd446257-2e0a-4200-a770-328269ffdd8a
onetag-sys.com/sync/i,1/ Frame D273
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/cd446257-2e0a-4200-a770-328269ffdd8a

0
290 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/cd446257-2e0a-4200-a770-328269ffdd8a

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 13 Apr 2022 20:09:46 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/cd446257-2e0a-4200-a770-328269ffdd8a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Apr 2022 20:09:45 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D273 0
239 B 49ms
12ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

6573734568301201423
onetag-sys.com/sync/i,34/ Frame D273
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
https://onetag-sys.com/sync/i,34/6573734568301201423

0
290 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/6573734568301201423

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/6573734568301201423
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame D273
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1603681157827408698

0
291 B

24ms
24ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1603681157827408698

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b238a94-b44b-415b-858a-dcb3e94aa521
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1603681157827408698
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D273 0
239 B 44ms
11ms Image
image/gif 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XbKed7dXJw2tndludCBsWPv9KwxcrcNJKq-IjNZjUf4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame D273
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

21ms
21ms

Image
text/plain

52.59.66.68

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

52.59.66.68 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D273
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A&google_tc=

170 B
188 B

54ms
27ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgCSL1W30-fARxtdhm-JvOybMV9J4KZWi7A&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame D273 0
75 B 397ms
17ms Image
text/plain 185.86.137.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:09:45 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame D273 0
0 42ms
18ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D273
Redirect Chain

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

43 B
556 B

396ms
100ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 20:09:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HDFDPDR5QQEFJ4YQFAA5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UpfxS23ftvejwNa-ZKsMnGqdaos6b3FOtBjeq7YSvtI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET ImgSync
image8.pubmatic.com/AdServer/ Frame D273 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame D273
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEILZ_aVGgdmW6CNDJtftn9w&google_cver=1

0
291 B

10ms
9ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEILZ_aVGgdmW6CNDJtftn9w&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEILZ_aVGgdmW6CNDJtftn9w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D273
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

0
291 B

8ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-2fufoElE2uGMtFWynJfCfRQkpk6PUjSaDy4XYBk-~A
date: Wed, 13 Apr 2022 20:09:45 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame D273
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

43 B
370 B

9ms
8ms

Image
image/gif

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Apr 2022 20:09:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=20a29847-5a0a-4065-9524-029bdad0e1f4&ttl=1652472585
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame D273
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=IqEpPyb2LDE58Ck4d_cxMHGlLm45pno4J6VnyDWE
https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

0
291 B

9ms
8ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1649880585160&gdpr=1

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=25cb8156-dd9a-442b-9d53-26011cdf8e04&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 13 Apr 2022 20:09:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
weakstreams.com/	1970-01-20 03:44:24	Name: __ppIdCC Value: qewjatrewna_xon2104.889573.8.
.weakstreams.com/	1970-01-20 19:49:12	Name: _ga Value: GA1.2.1452356159.1649880574
.weakstreams.com/	1970-01-20 02:19:26	Name: _gid Value: GA1.2.537471787.1649880574
.weakstreams.com/	1970-01-20 02:18:00	Name: _gat_gtag_UA_145079013_1 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
befirstcdn.com
cdn.jsdelivr.net
cm.g.doubleclick.net
dmp.adform.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs-simple.com
ib.adnxs.com
id.rlcdn.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
media.vlitag.com
onetag-sys.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
px.vliplatform.com
quantcast.mgr.consensu.org
r6---sn-n02xgoxufvg3-2gbs.googlevideo.com
redirector.googlevideo.com
s.amazon-adsystem.com
script.4dex.io
securepubads.g.doubleclick.net
services.vlitag.com
ssbsync-global.smartadserver.com
sync.mathtag.com
tag.vlitag.com
test.quantcast.mgr.consensu.org
ups.analytics.yahoo.com
use.fontawesome.com
useast.quantumdex.io
weakspell.com
weakstreams.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
youradexchange.com
image8.pubmatic.com
142.250.185.130
15.197.193.217
172.217.18.98
185.184.8.90
185.86.137.122
192.64.119.51
193.0.160.129
209.54.176.128
216.200.232.249
2600:9000:2156:e200:3:a4cd:8380:93a1
2600:9000:2240:8600:9:46dc:4700:93a1
2606:4700:10::6816:3ac7
2606:4700:10::6816:3bc7
2606:4700:10::ac43:2ac9
2606:4700:20::681a:9a9
2606:4700:3037::ac43:9e3b
2606:4700::6810:5514
2606:4700::6810:a465
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4014:80e::200a
2a01:28:cb6:3::11
2a06:98c1:3120::7
2a06:98c1:3121::7
3.120.1.163
3.121.92.52
3.126.46.237
3.126.56.137
35.190.41.116
35.244.174.68
37.157.2.237
37.252.172.250
37.252.173.215
51.75.86.98
52.59.66.68
69.173.144.138
69.173.144.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07948b47aeb2c381cdc6288c43b2fdaa6593d2482e713aa9853ff4da3bce3537
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c400b4094040a4a01dc06f4217b28c2995c01e3c4bdc62d1447dd8f8b637927
0d592e90d2e1764438cac053d90e029c4ef7142435795f57a89dc16ddce0ca23
0e505f136a0c71eedb2c6c969b2113b890a72f4a2f877a045ceb752b6f3460ad
0fb530167abf9b6bf2481c7feb2967b3e66c66f9db844eb1f0eb6e777ee535e2
101e7af6edd4d028c5fb43b0bfb990e13fe7b47e6dccd045aac2bdc51d92a8e2
14223e9b7fc0b453ace4795cfb257501ba7f327b6de9b0dc7f01fbde72b5f3d7
15377398f026b4beb337db55bf9021fb3090d44db1786fec179955ef3b14c2d7
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b5a4b210950515793f186293b3af2410a5e67e5a541672926ca8d7fe3e7ae36
1fb5647b263126f107c222a6308576dea731dba415a66c69e2add5c38e55168d
276257a99489adce80c8cd0b1c51ee037b414d312e4554b37dd4ea08f29524ff
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0
28491d4111952bdf89279a46420f26a28d788d664ac17267937ea70b5b22764c
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
3439f92804f8cce08ab5d2c45845d33e7e3f9c2e8939a67e4884defff195b20d
46d8d0a590fc1be472fdd8416c3cab18089c24a754e00c6b4fec7685bd299a78
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57793c72d367be6d5a6c31d150789c52aaf02a5709036e37996a7d0923bf5a3f
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
59f1c5465371205cfdb79dd3b08602ee13838e819116a3fd4794711030b0357e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e880c8de639677c2ec0a2759d646fc8a6ff41245d648994176a8f1f22c0dcaf
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
652eadae1a67317f46ba303b6be673ae728d7d26224ec53b2a26c6debae48bce
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66f79d38dfdc7c2c8c0b86abe620e091e7f08ab89d01bbea99079e48cd05a5b5
6a39f72078142dca60642828a0fd2073ba4921d966e93c4105301d7c8bfd8f4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
80b506eaaf30b2200d0d4606f74d281832e9331b1730007d9c0720d4be34cd6e
8666e92d8203fd8fe3e28ffd63c6cd2266ba7799d1258208a4b25c07a5809234
868b8bb442dd4bd3803279d5a92abd16f1b49fae0c4ba2b6827fc2fe8d2f8f43
891f297e31f36ff74f887d8862c4f1456e8ba58babb66592cea99be878390e98
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98a77f8f7f0228e6c91c9f3573cbc970f235c892338b2159790a766fc29a802c
9d2dc93d78a574c2e1bbe6155ddcec052e0f5bc527243ce85aba5e7a8d924fb7
9e0b2feac50232a2e19309cc1f282f8116a3e02e53bd196e25d0bbbbd335e206
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8f289144b0c29011dec73356760be435f2bff1374f57ef8c47bdebf85481069
abd3d8fa018de1700f2812cd87ae4f4d2a69b1c0e87d16e1e08fb27e84704121
abdc5c969f06968b1ececdb368a2658cdf88e76e4551c00d1b46e01efdab0582
ad77c9e3611a79ed355cbe5fe68efc7bb59b7357caf283271c547be0b714df36
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba462ce8e635f0fa1ede82d95e872e1ad1843a678e4781dbf56e67d685c6ce1f
ba53e471be0c90abe88a1491a03a4bcde06cbc01881e3b67a4ae8a4f025074df
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737
d401647007f1293fa897db13018f228ed4c191a790ccc9187c177a421d1d9a71
dd01d020ab3fdcfded4ebd18adb322fdd4f4fd2205ca16f6eac48de5c30fdffc
de50c4b2ed2b7779b6cd7da05e94cf9b4bff502c847fe1334c226f636f61fbd5
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2d671327bb6325b532289bffa23656e0564f1feade02f81cd9fabaaaf88eebc
e3511df69c286f7065973f31a1ea1ed5e1536a5fdc4ccef1b494da064836f379
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

weakstreams.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

34 %HTTPS

48 %IPv6

36 Domains

45 Subdomains

31 IPs

4 Countries

1586 kBTransfer

4583 kBSize

4 Cookies

19 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

weakstreams.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

34 %
HTTPS

48 %
IPv6

36
Domains

45
Subdomains

31
IPs

4
Countries

1586 kB
Transfer

4583 kB
Size

4
Cookies

146 HTTP transactions
1 data transactions