zaxid.net Open in urlscan Pro
2606:4700:20::681a:799 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zaxid.net/
Effective URL:
https://zaxid.net/
Submission: On February 28 via manual (February 28th 2021, 1:24:28 pm UTC) from UA

Summary HTTP 524 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 82 IPs in 13 countries across 90 domains to perform 524 HTTP transactions. The main IP is 2606:4700:20::681a:799, located in United States and belongs to CLOUDFLARENET, US. The main domain is zaxid.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.

This is the only time zaxid.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	2606:4700:20:... 2606:4700:20::681a:799	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	142.93.100.57 142.93.100.57	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:10:... 2606:4700:10::ac43:757	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	95.216.24.149 95.216.24.149	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	185.41.250.4 185.41.250.4	44600 (GT-AS) (GT-AS)
1 4	149.202.221.211 149.202.221.211	16276 (OVH) (OVH)
1	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	65.9.58.62 65.9.58.62	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 23	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2606:4700:10:... 2606:4700:10::6816:3181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1 22	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
22	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
11	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
22	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
1 25	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2606:4700:303... 2606:4700:3035::6815:2f1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.186.205.146 54.186.205.146	16509 (AMAZON-02) (AMAZON-02)
2 9	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	69.173.144.153 69.173.144.153	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:303... 2606:4700:3037::6815:334c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	65.9.58.9 65.9.58.9	16509 (AMAZON-02) (AMAZON-02)
11	34.247.206.41 34.247.206.41	16509 (AMAZON-02) (AMAZON-02)
3	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
15	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	94.130.16.67 94.130.16.67	24940 (HETZNER-AS) (HETZNER-AS)
3 3	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
3	2a01:ab20:0:2... 2a01:ab20:0:203::1:245	47302 (CYON) (CYON)
8	104.111.248.103 104.111.248.103	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	52.30.234.204 52.30.234.204	16509 (AMAZON-02) (AMAZON-02)
21	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 5	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
11 17	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
7 7	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 6	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3 5	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
5 5	3.120.52.76 3.120.52.76	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 1	52.72.174.10 52.72.174.10	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
4 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
3 3	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	18.158.93.70 18.158.93.70	16509 (AMAZON-02) (AMAZON-02)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.246.149.44 34.246.149.44	16509 (AMAZON-02) (AMAZON-02)
12 12	52.49.193.31 52.49.193.31	16509 (AMAZON-02) (AMAZON-02)
1 11	63.33.123.138 63.33.123.138	16509 (AMAZON-02) (AMAZON-02)
4 6	52.16.108.17 52.16.108.17	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	35.201.80.102 35.201.80.102	15169 (GOOGLE) (GOOGLE)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
1 2	2a00:17c8:0:1... 2a00:17c8:0:103::20a	12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG)
4	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	3.127.88.255 3.127.88.255	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
2 23	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.180 213.155.156.180	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	87.98.228.78 87.98.228.78	16276 (OVH) (OVH)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.106 185.64.190.106	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.69.220.219 54.69.220.219	16509 (AMAZON-02) (AMAZON-02)
3 3	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
1 1	34.234.110.25 34.234.110.25	14618 (AMAZON-AES) (AMAZON-AES)
524	82

42 2606:4700:20::681a:799 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zaxid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.100.57 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:757 (United States)

ASN13335 (CLOUDFLARENET, US)

24tv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.24.149 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.41.250.4 (Kyiv, Ukraine)

ASN44600 (GT-AS, UA)

piwik.luxnet.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.221.211 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ua2.host.hit.gemius.pl

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

juke.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 65.9.58.62 (United States)

ASN16509 (AMAZON-02, US)

intelaxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap4ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3181 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adpone-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::6815:2f1c (United States)

ASN13335 (CLOUDFLARENET, US)

projectagora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.205.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-205-146.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2-v4.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3037::6815:334c (United States)

ASN13335 (CLOUDFLARENET, US)

projectagoralibs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 65.9.58.9 (United States)

ASN16509 (AMAZON-02, US)

ploxtar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.247.206.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com

projectagora-483829-hdb.adomik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.16.67 (Germany)

ASN24940 (HETZNER-AS, DE)

assets.bly.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.200.5.215 (Germany) 3 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cct.shop.post.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:ab20:0:203::1:245 (Switzerland)

ASN47302 (CYON, CH)

campaigns.cembra.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.248.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aqfer.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.234.204 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.121.27.153 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.130 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.29.132.144 (United Kingdom) 7 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.49 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.120.52.76 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-76.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.174.10 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-174-10.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 4 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.30 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.183 (Amsterdam, Netherlands) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.93.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.149.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.49.193.31 (Dublin, Ireland) 12 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 63.33.123.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.16.108.17 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.80.102 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.148.168.135 (Zurich, Switzerland) 1 redirects

ASN29691 (NINE, CH)

tracking.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:17c8:0:103::20a (Liebefeld, Switzerland) 1 redirects

ASN12511 (CH-POSTNETZ Post CH AG, CH)

www.post.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.88.255 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.228.78 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.220.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-220-219.us-west-2.compute.amazonaws.com

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.236 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.110.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	pubmatic.com 2 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com sshowads.pubmatic.com aktrack.pubmatic.com simage4.pubmatic.com	209 KB
52	lijit.com 2 redirects ap.lijit.com gslbeacon.lijit.com vap4ams1.lijit.com pxdrop.lijit.com ce.lijit.com aqfer.lijit.com	121 KB
42	zaxid.net 1 redirects zaxid.net	422 KB
37	googlesyndication.com dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com	177 KB
36	rubiconproject.com 5 redirects fastlane.rubiconproject.com beacon-fra2-v4.rubiconproject.com pixel-eu.rubiconproject.com pixel-us-east.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	54 KB
31	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	43 KB
31	doubleclick.net 11 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	294 KB
24	smartadserver.com 2 redirects prg.smartadserver.com rtb-csync.smartadserver.com	8 KB
24	openx.net 2 redirects adpone-d.openx.net us-u.openx.net eu-u.openx.net rtb.openx.net	7 KB
23	adform.net 2 redirects adx.adform.net track.adform.net s1.adform.net c1.adform.net	76 KB
16	intelaxa.com intelaxa.com	134 KB
14	criteo.com bidder.criteo.com gum.criteo.com dis.criteo.com	2 KB
12	bidr.io 12 redirects match.prod.bidr.io	5 KB
11	gumgum.com 1 redirects rtb.gumgum.com	4 KB
11	adomik.com projectagora-483829-hdb.adomik.com	1 KB
11	ploxtar.com ploxtar.com	4 KB
11	projectagoralibs.com projectagoralibs.com	18 KB
11	projectagora.net projectagora.net	1 MB
11	projectagoraservices.com ads.projectagoraservices.com	40 KB
11	adpone.com hb.adpone.com	965 KB
7	adsrvr.org 4 redirects data.adsrvr.org match.adsrvr.org	3 KB
7	mathtag.com 7 redirects sync.mathtag.com	4 KB
7	onthe.io cdn.onthe.io tt.onthe.io	19 KB
6	weborama.com 4 redirects dx.frontend.weborama.com	1 KB
6	everesttech.net 5 redirects sync-tm.everesttech.net	1 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	eyeota.net 5 redirects ps.eyeota.net	3 KB
5	google.com 1 redirects www.google.com adservice.google.com	1 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	contextweb.com 4 redirects bh.contextweb.com	3 KB
4	turn.com 4 redirects d.turn.com ad.turn.com	2 KB
4	gemius.pl 1 redirects gaua.hit.gemius.pl	12 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	post.ch 2 redirects cct.shop.post.ch www.post.ch	961 B
3	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	9 KB
3	simpli.fi 2 redirects um.simpli.fi	1 KB
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com	2 KB
3	creativecdn.com 3 redirects creativecdn.com ams.creativecdn.com	994 B
3	1rx.io 3 redirects sync.1rx.io	985 B
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	crwdcntrl.net 3 redirects bcp.crwdcntrl.net sync.crwdcntrl.net	1 KB
3	cembra.ch campaigns.cembra.ch	2 KB
3	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	5 KB
3	googletagservices.com www.googletagservices.com	94 KB
3	google.ch adservice.google.ch	2 KB
3	google-analytics.com www.google-analytics.com	38 KB
3	googletagmanager.com www.googletagmanager.com	116 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	993 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	561 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	criteo.net static.criteo.net	51 KB
2	avct.cloud 2 redirects ads.avct.cloud	888 B
2	weborama.fr 2 redirects rd.frontend.weborama.fr	614 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	628 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	admedo.com 2 redirects pool.admedo.com	775 B
2	connects.ch 2 redirects cct.connects.ch	723 B
2	bly.ch assets.bly.ch	692 B
2	bemobile.ua source.mmi.bemobile.ua juke.mmi.bemobile.ua	20 KB
2	luxnet.ua piwik.luxnet.ua	22 KB
2	24tv.ua 24tv.ua	849 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	327 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	adtracker.ch 1 redirects tracking.adtracker.ch	230 B
1	exelator.com 1 redirects loadm.exelator.com	616 B
1	clickagy.com 1 redirects aorta.clickagy.com	651 B
1	google.de www.google.de	107 B
1	gravitec.net cdn.gravitec.net	18 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
0	socdm.com Failed tg.socdm.com Failed
0	emxdgt.com Failed cs.emxdgt.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	sportradarserving.com Failed a.sportradarserving.com Failed
0	playground.xyz Failed ads.playground.xyz Failed
0	volvelle.tech Failed a.volvelle.tech Failed
0	rlcdn.com Failed id.rlcdn.com Failed
0	acuityplatform.com Failed ums.acuityplatform.com Failed
0	tns-ua.com Failed pa.tns-ua.com Failed
524	90

	Domain	Requested by
42	zaxid.net	1 redirects zaxid.net ajax.cloudflare.com
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com zaxid.net dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
25	ib.adnxs.com	1 redirects hb.adpone.com projectagora.net acdn.adnxs.com
22	prg.smartadserver.com	hb.adpone.com projectagora.net
22	hbopenbid.pubmatic.com	hb.adpone.com projectagora.net
22	fastlane.rubiconproject.com	hb.adpone.com projectagora.net
21	ce.lijit.com	intelaxa.com gslbeacon.lijit.com us-u.openx.net ads.pubmatic.com rtb.gumgum.com
21	ap.lijit.com	2 redirects intelaxa.com hb.adpone.com ap.lijit.com gslbeacon.lijit.com
17	cm.g.doubleclick.net	11 redirects gslbeacon.lijit.com us-u.openx.net pxdrop.lijit.com intelaxa.com rtb.gumgum.com
16	intelaxa.com	zaxid.net intelaxa.com
15	ads.pubmatic.com	exchange.adtrue.com gslbeacon.lijit.com hb.adpone.com ads.pubmatic.com intelaxa.com rtb.gumgum.com
14	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
12	match.prod.bidr.io	12 redirects
11	rtb.gumgum.com	1 redirects gslbeacon.lijit.com rtb.gumgum.com
11	projectagora-483829-hdb.adomik.com
11	ploxtar.com	ads.projectagoraservices.com
11	projectagoralibs.com	ads.projectagoraservices.com
11	projectagora.net	ads.projectagoraservices.com
11	bidder.criteo.com	hb.adpone.com
11	adpone-d.openx.net	hb.adpone.com
11	adx.adform.net	hb.adpone.com
11	ads.projectagoraservices.com	intelaxa.com
11	hb.adpone.com	intelaxa.com
11	securepubads.g.doubleclick.net	zaxid.net securepubads.g.doubleclick.net intelaxa.com www.googletagservices.com
9	image2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
7	us-u.openx.net	1 redirects gslbeacon.lijit.com us-u.openx.net eu-u.openx.net
7	sync.mathtag.com	7 redirects
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com zaxid.net
6	dx.frontend.weborama.com	4 redirects intelaxa.com
6	match.adsrvr.org	4 redirects us-u.openx.net intelaxa.com
6	sync-tm.everesttech.net	5 redirects intelaxa.com
6	track.adform.net	zaxid.net s1.adform.net intelaxa.com
6	tt.onthe.io	cdn.onthe.io
5	x.bidswitch.net	5 redirects
5	secure.adnxs.com	3 redirects sshowads.pubmatic.com secure.adnxs.com
5	ps.eyeota.net	5 redirects
5	pxdrop.lijit.com	zaxid.net pxdrop.lijit.com
4	image6.pubmatic.com	ads.pubmatic.com
4	pm.w55c.net	4 redirects
4	pr-bh.ybp.yahoo.com	2 redirects eu-u.openx.net ads.pubmatic.com
4	pixel.rubiconproject.com	intelaxa.com
4	eus.rubiconproject.com	intelaxa.com eus.rubiconproject.com hb.adpone.com
4	eu-u.openx.net	us-u.openx.net hb.adpone.com eu-u.openx.net
4	bh.contextweb.com	4 redirects
4	gaua.hit.gemius.pl	1 redirects zaxid.net gaua.hit.gemius.pl
3	pixel.onaudience.com	3 redirects
3	token.rubiconproject.com	3 redirects
3	aqfer.lijit.com	pxdrop.lijit.com
3	c1.adform.net	2 redirects image6.pubmatic.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	pixel.tapad.com	2 redirects image6.pubmatic.com
3	pixel-sync.sitescout.com	3 redirects
3	sync.1rx.io	3 redirects
3	pixel.quantserve.com	3 redirects
3	campaigns.cembra.ch	intelaxa.com assets.bly.ch
3	s1.adform.net	track.adform.net s1.adform.net intelaxa.com
3	www.googletagservices.com	securepubads.g.doubleclick.net dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.ch	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	zaxid.net track.adtrue.com www.googletagmanager.com
2	image4.pubmatic.com	ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	gum.criteo.com	static.criteo.net secure.adnxs.com
2	static.criteo.net	hb.adpone.com static.criteo.net
2	rtb-csync.smartadserver.com	2 redirects
2	ads.avct.cloud	2 redirects
2	rtb.openx.net	1 redirects eu-u.openx.net
2	ad.turn.com	2 redirects
2	www.post.ch	1 redirects assets.bly.ch
2	rd.frontend.weborama.fr	2 redirects
2	spl.zeotap.com	1 redirects ads.pubmatic.com
2	rtb.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects gslbeacon.lijit.com
2	p.rfihub.com	2 redirects
2	pool.admedo.com	2 redirects
2	d.turn.com	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	cct.connects.ch	2 redirects
2	assets.bly.ch	s1.adform.net intelaxa.com
2	googleads.g.doubleclick.net	dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
2	dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com	1 redirects
2	piwik.luxnet.ua	zaxid.net piwik.luxnet.ua
2	24tv.ua	zaxid.net
1	sync.ipredictive.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	track.adtrue.com	intelaxa.com
1	aktrack.pubmatic.com	intelaxa.com
1	sshowads.pubmatic.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	image6.pubmatic.com
1	acdn.adnxs.com	hb.adpone.com
1	tracking.adtracker.ch	1 redirects
1	cct.shop.post.ch	1 redirects
1	data.adsrvr.org	gslbeacon.lijit.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	loadm.exelator.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	aorta.clickagy.com	1 redirects
1	vap4ams1.lijit.com	intelaxa.com
1	gslbeacon.lijit.com	ap.lijit.com
1	beacon-fra2-v4.rubiconproject.com	intelaxa.com
1	exchange.adtrue.com	zaxid.net
1	cdn.adtrue.com	intelaxa.com
1	57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	juke.mmi.bemobile.ua
1	source.mmi.bemobile.ua	zaxid.net
1	cdn.onthe.io	ajax.cloudflare.com
1	cdn.gravitec.net	ajax.cloudflare.com
1	ajax.cloudflare.com	zaxid.net
0	tg.socdm.com Failed	rtb.gumgum.com
0	cs.emxdgt.com Failed	rtb.gumgum.com
0	b1sync.zemanta.com Failed	rtb.gumgum.com
0	sync.technoratimedia.com Failed	rtb.gumgum.com
0	sync.srv.stackadapt.com Failed	rtb.gumgum.com
0	sync.outbrain.com Failed	rtb.gumgum.com
0	a.sportradarserving.com Failed	rtb.gumgum.com
0	ads.playground.xyz Failed	ads.pubmatic.com
0	a.volvelle.tech Failed	ads.pubmatic.com
0	id.rlcdn.com Failed	intelaxa.com
0	ums.acuityplatform.com Failed	gslbeacon.lijit.com
0	pa.tns-ua.com Failed	source.mmi.bemobile.ua
524	141

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
t.me
www.youtube.com
play.google.com
itunes.apple.com
luxnet.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2020-02-06` - `2021-03-09`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2020-04-07` - `2021-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.luxnet.ua Go Daddy Secure Certificate Authority - G2	`2020-08-11` - `2021-08-21`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
intelaxa.com Amazon	`2021-01-06` - `2022-02-03`	a year	crt.sh
paadserver.projectagora.info R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adtrue.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ploxtar.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.adomik.com Gandi Standard SSL CA 2	`2020-02-13` - `2021-03-05`	a year	crt.sh
assets.bly.ch R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
campaigns.cembra.ch R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
cert1.a2.atm.aqfer.net R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2019-08-29` - `2021-10-27`	2 years	crt.sh
www.post.ch SwissSign Server Gold CA 2014 - G22	`2019-07-31` - `2021-07-31`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 100 frames:

Primary Page: https://zaxid.net/
Frame ID: 730BDE90A0D3D017BFDF49F5EDDD69B6
Requests: 81 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7BCB0A51A42311CB037536C24BDBCAF0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGy3KuEduSYtF9ywWfkXPuDfrCwyw-Afa_TTodUJ5j693SgEbRaUjzwPNvBaUnb2aK5SD3M0UUHgoFrFhZKgy_XujJ3o_imggL_kqBc2B9__49sJfIw54KUbEty_krFh258vPgYQb1WGhNUvFM0PO3G734EgAnrhNlMwBPCTbQ6E9R5RIeC39DsXUrMrWf7tuxCF7IggXysQBCfjTocnmbUTapZ_ZAt3TmFagta6Ur-vh4zjEhV_frfGlBzZKgNVg-DN2pyAFlFVH3b6-TLh_6ipwOtbuVGBmr_8WjbNNZF2Mud8DXsBWoNA&sig=Cg0ArKJSzAe_elpG4-FqEAE&urlfix=1&adurl=
Frame ID: 98A1E84D30E9BC1549687EABFD3C32BA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 569EB005140190507B704DE23AD13DD8
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
Frame ID: DC6922EC5D5234625A3879128BED1819
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
Frame ID: 46CEDFE763B6DF8BA44F03FB8F614DFD
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
Frame ID: C7DA3DEA6B41622AE23A777514E3F847
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
Frame ID: 563A8503FEF4D949846EA67A43DF2749
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
Frame ID: 696F81CBC5D1000CA1D17A28D7C07C53
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
Frame ID: 5770043A3AB84CFC9096F543EAF47905
Requests: 8 HTTP requests in this frame

Frame: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
Frame ID: 742BB556A68F7C887F4F2FAD0EC34085
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Frame ID: F657BA88101B599215CDB27E188D1E1D
Requests: 12 HTTP requests in this frame

Frame: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Frame ID: CE30437E6635F49A536EA89C29DCD3A7
Requests: 12 HTTP requests in this frame

Frame: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
Frame ID: 5BA8B906F1612CD04E5EB4EB0258B676
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
Frame ID: BFAAB434DDD672AA0842D1E316CEE52F
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
Frame ID: 0D4EDCE6F36E55ADD6421D8730DCF25C
Requests: 10 HTTP requests in this frame

Frame: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Frame ID: 19E427C887C0096E441FEE88423F540F
Requests: 2 HTTP requests in this frame

Frame: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
Frame ID: 7CBCF777B4E75AF250E0EBE4133C0A67
Requests: 10 HTTP requests in this frame

Frame: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BC47072B398F7F6DC93EF1B1F4585C9D
Requests: 7 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17670&ref=https%3A%2F%2Fzaxid.net%2F&cb=4288256302&timeZone=1&adWidth=728&adHeight=90&loc=https://zaxid.net/
Frame ID: E8FCB21ACD01AF810C449E7CF36BAC84
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 7BBD15865FF23082CC7E9EF73789FCDA
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 6F628E6D37592BF8B6CF5DAE8176ABD2
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: E532FBFA52F354F0209265775206ECDE
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=39656147;rtbwp=737EC2967AFB16C2;rtbdata=BU3e4SiRjQsQadOvFWhmf4zNi7adpM36odJHfjso6stebTG7sIFoEPK1PcYbFMOexACF2t0J_X53kOO0KuKqEaj76eGaEq4sVoNGea-fY7VRbHG75jX5OkxSxgeOJRI-ikSyMY6XAlzJPXpFOZZcG2a0S7aetQnPHyS0NlKv2z5Qdz3QTj7d-wnjYrKe0aynjq0tk4pSVLdgq0bDMtd9Zjb_119wm4vvp_sx9R6kupzhQW6FXjSrzw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/d7e3bf60-85ca-4af7-9f6c-2b4c1e835b92/
Frame ID: F3120B7C5477A3903017CA4A0C6D200D
Requests: 13 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: B3B0338A03BB9B5789AFC9FDB7F17933
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html
Frame ID: A52E7F521028F0B5313024D4F7F2B2F7
Requests: 19 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 08A20994228FD5F54CA3A77FF0C71660
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 7E6E63417677D2EF2EE96AA00F4F52F9
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: BEE5BB345DF95A8F6A3A90C9DB1F1225
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 19E48CA8D55877F3E70FAA71CECC0A34
Requests: 7 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 9CE3171D131639665856F8D6C8C6DC89
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0AB34A333FBCD157DC2EFAEFFE9317D6
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: BF2D8C24C2D7F301DC67AC54F1D5D03B
Requests: 2 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Frame ID: 0D233021F6B391DEBF0F7E9733014667
Requests: 7 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 86E60B245E7DCB8171D035A756757E97
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: FF8F7257834BE230C43B7996BCCBC300
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 4407D5B884039EA5DC03E9F8223F20D8
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 79D08ADA5B509772645C711340AE201C
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 32A0AF84714E611396A827275F6904D0
Requests: 2 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Frame ID: 41D81448C19D3ABE207B8E713C50CEDB
Requests: 22 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: B9DD17F1080FAE079AF687715DACFF18
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A89101B46CAB4815E8C7B86636D745BE
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: C069A91636A54BBAD4E38A2CE4770A52
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 1694C4A1B27B98EE5536AADADD066AFB
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: C7F55DBDED4618CA60CCCD59DA7333FC
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: F19EA8A9054517CDCD6676AC84B51B69
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=8968102175321445886&gdpr=0&gdpr_consent=
Frame ID: 626A32EB342267E308A2025C54A87D3D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 598A517386468AC42B4440AE93B7570D
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: A486D26F207006C2E52AB6D3E05DEF95
Requests: 8 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: F35706591CF83D6DA6F0F5CC0E79C95F
Requests: 2 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: B214C7435C9BCF35D4E5025B1BAADE8B
Requests: 2 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Frame ID: 48048AE1C3209F36BF76AD472930C9D9
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Frame ID: 5124997F067A8379403308A520BE6065
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/1.457.182/a/CH/t_.js?cid=c026
Frame ID: C74346E66E74119AA4718390D515E8B1
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/1.457.182/a/CH/t_.js?cid=c026
Frame ID: B9BB1770F883792C06D4CB255826BEE2
Requests: 1 HTTP requests in this frame

Frame: https://aqfer.lijit.com/samples/empty.js
Frame ID: 77247C3548238BA02190DD3392AE8627
Requests: 1 HTTP requests in this frame

Frame: https://aqfer.lijit.com/samples/empty.js
Frame ID: ED1B94C87F79F9DF99048F4BDE26B4CF
Requests: 2 HTTP requests in this frame

Frame: https://aqfer.lijit.com/samples/empty.js
Frame ID: 54CEE6E5B0E1962810B9AEE1F3E1DE85
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d4-caf2-4af4-7c7a-afa926c039c8&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&zdid=678
Frame ID: 1A6A4BF50A49C3BE6E55188382623E8A
Requests: 1 HTTP requests in this frame

Frame: https://www.post.ch/de?lea_source=2021022814241845845090963X116404V1571145373M
Frame ID: 6EFDA72CFAB683D9197DFDB5F6BA6E92
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Frame ID: 7578DB8C05027E76427D4FFF1A95673A
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Frame ID: 73ADA5BEAC99EDA6F12706EFF0BFC82E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: 33BFB4274257D6CD6FADAA7D40DAAE1C
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 34B5208E8B257B6A4DA0181A1AED08F2
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: D609EC8CAE6FF61C997005B21A6801CE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F0FD9E24B6FC732847CD7E45F1CF2C3C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 17EF2FD728A21E493B06F9C256B57D14
Requests: 25 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9F5380E80174D1231F52082CE8F7E88A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FA2FFBC68D9F88D37D2498177B240B36
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=zaxid.net
Frame ID: C662BB42C26CB3D9778DC9021E9CEE2A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 66E6EDD9AA31FAF3A163679C0F6BAB5B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6702532818025395296
Frame ID: 5CC5F7122A07975D710192BC33B5BDFD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw
Frame ID: FAEDD4F999F8966043512080739DD8DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934304852086749328
Frame ID: EB1AC19EDA351CAF6059F1BE3DD2B2D2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aNTgkuyUQdnesIdpkRRzWZKk
Frame ID: FE422956C7296FE8CFAA1E7EB1C601E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: AF334FD36BEE8BA13B059BF0C5216D25
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1B85A8728232E88BE405523E5194A869
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 08EAEA93F35F3670295FBE4F2602DF15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1CUnyW6w5JlQ&pid=557219
Frame ID: 149C0F6DC4C5F6A0B4B204D74223A0CE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: BF74D379A79D49E22C9D93ACB808EC09
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 61665B72746E7CFA91DCB57BB2275625
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2wl0iO9Y1Lgm3z5&gdpr=0&gdpr_consent=
Frame ID: D36BCE46542CFF0A5D447E54EBA7EC67
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E2B7FA427207CBA181354A9984227C3C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 46730C1AE38C8BAA1E367135F63EDDA6
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=667074&adId=2668709&adType=3&adServerId=165&kefact=0.100000&kaxefact=0.100000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1614518659&indirectAdId=2342932&adServerOptimizerId=1&ranreq=0.7972226841565497&kpbmtpfact=0.000000&dcId=3&tldId=60823901&passback=3&svr=ADS23004U&adsver=_3781111458&adsabzcid=0&ekefact=g5k7YHL7DABgNl4lt58yTHy_X8EfYa3wh20PB6W9IE7APMk-&ekaxefact=g5k7YI37DADOOhw1hsD618fUCkEwh5ExlfMiczWEdpWPsJ9w&ekpbmtpfact=g5k7YKb7DADmyFSyXbNY-w8NVZ7rBhmWo4-DpZt8GLDfY0c0&enpp=g5k7YMf7DAA1_K1icIuLlQhO4QOcC76dItN84eVvWcPWrMZw&pfi=1&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=6DD3FBC6-CD4D-4852-B83C-B84FFAA0D046&oid=6DD3FBC6-CD4D-4852-B83C-B84FFAA0D046&cntryId=45&domain=zaxid.net&pageURL=zaxid.net&sec=1&pAuSt=2
Frame ID: 123B369B79E3BD614949FBF1D145FE16
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9872A57B5DA3187F615937B32998BC16
Requests: 2 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
Frame ID: 92C583F54FF5EA27384A6ADE54213887
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=120211F7-B17D-4092-962E-A4B0DFFB8F85
Frame ID: D71EC913EFFBDD7E0A5711BA22FAFE51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E7B1320711C14F3E9705E99B28255E27
Frame ID: 79A4CA9D05E5B8D8A6F14FC75986A0C1
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=120211F7-B17D-4092-962E-A4B0DFFB8F85
Frame ID: E202CDAC1CCF7CFD573F218B2BA8085B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
Frame ID: 6666A3F2634EFE0837EB5443CF8E5F35
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
Frame ID: C21743B9AA9BA590363A24E886C0D5EB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jODQ4YmMwNC1mMjA4LTRhNDItYWU0YS00ZWFkOGZkNDEyYTQ=&gdpr=0&gdpr_consent=
Frame ID: 264FB966109BCD240810EF54EA00CAF2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9FB727A465D1A97ABEFB86C226DE4E3D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663
Frame ID: 749DAA048A74B5D5058FC42D8723D207
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 81E8391CDA0AD99F4256BF19F15BDA42
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 1558377FFBA490A4A5536E32FC687CD7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871597492892055810
Frame ID: 3A114CF5EC47FF361672CDB3135F01F9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum
Frame ID: 1966067E691F0AD11B57E7664AA09A9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C8599599DD35A0C82B080ECEC4BCA4CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zaxid.net/ HTTP 301
https://zaxid.net/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Matomo (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

524
Requests

97 %
HTTPS

27 %
IPv6

90
Domains

141
Subdomains

82
IPs

13
Countries

4116 kB
Transfer

11689 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ZaxidNet
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ZaxidNet
Title: twitter

Search URL Search Domain Scan URL

URL: https://t.me/zaxidnet
Title: telegram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wwwzaxidnet
Title: youtube

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.com.tv24.zaxidnet
Title: android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/zaxid.net/id1016376905?l=uk&ls=1&mt=8
Title: ios

Search URL Search Domain Scan URL

URL: https://www.youtube.com/wwwzaxidnet
Title: You Tube

Search URL Search Domain Scan URL

URL: https://luxnet.io/
Title: Made by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zaxid.net/ HTTP 301
https://zaxid.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://gaua.hit.gemius.pl/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=c.nbR603paY73xMLHtuAjIxUFZZhBnW.9RdTMw2yDoz.N7&vis=1 HTTP 301
https://gaua.hit.gemius.pl/__/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=c.nbR603paY73xMLHtuAjIxUFZZhBnW.9RdTMw2yDoz.N7&vis=1

Request Chain 336

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 342

https://cct.connects.ch/tpv.php?t=116404V1499141797M&subid=pv|5852874|876144&rnd=56179 HTTP 302
https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404&lea_source=2021022814241745845089631X116404V1499141797MSpv|5852874|876144&utm_source=connects&utm_medium=NNNNN&utm_campaign=aff

Request Chain 345

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=c9e0b350e7671f85da7288c5/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=c9e0b350e7671f85da7288c5/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=eaf3f73921f9bbb4251d47d8b56d02d4

Request Chain 346

https://ps.eyeota.net/pixel?pid=51md42u&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlQ4U1NLUEFLR0N4MXdydUtyZk94N2NfdWRoSE5FSkVodHFNcmNzdW1rdUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51md42u&referrer_pid=51md42u&google_gid=CAESEKhwH6XXZvioXYuR06qt59M&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=9040159769359373822&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=1040603b-9981-4a00-bae1-a3aa6106e7bb&dc_rc=3&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u&_test=YDuZggAAAGHoyirK

Request Chain 358

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=12&3pid=6864390710533493707&gdpr=0&gdpr_consent=

Request Chain 359

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=23&3pid=CAESEAUBS8vv0ym1l5wntvPCgY4&google_cver=1&gdpr=0&gdpr_consent=

Request Chain 361

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=dc1eca1c-1283-4e16-a00f-710046b06d0b HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=dc1eca1c-1283-4e16-a00f-710046b06d0b HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=05c43fba-db86-4b33-a0ab-6cdac5c21ab9&user_group=1&ssp=fmx&bsw_param=dc1eca1c-1283-4e16-a00f-710046b06d0b HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=dc1eca1c-1283-4e16-a00f-710046b06d0b

Request Chain 362

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=c9e0b350e7671f85da7288c5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=7999603b-9981-4300-a7c5-17430a88d31a&gdpr=0&gdpr_consent=

Request Chain 363

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1

Request Chain 364

https://aorta.clickagy.com/pixel.gif?ch=185&cm=c9e0b350e7671f85da7288c5&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f

Request Chain 365

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 366

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597492892055810

Request Chain 367

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=1CUnyW6w5JlQ&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 368

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1 HTTP 302
https://ap.lijit.com/dsp/google/reporting

Request Chain 369

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t

Request Chain 370

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=y2ZG0FBNLjZ9vAp0tpBb&pi=sovrn&gdpr_consent=&gdpr=0&tc=1

Request Chain 371

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=83&3pid=KLP6PZFO-V-DG5Z&gdpr=0

Request Chain 372

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dc535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=

Request Chain 373

https://um.simpli.fi/lj_match?r=1614518655993&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E7B1320711C14F3E9705E99B28255E27

Request Chain 374

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=0d26cd41-03e8-4c74-8132-57b5426fcd7c

Request Chain 375

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=KLP6PZFO-V-DG5Z&gdpr=0

Request Chain 377

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AADFR07AdzMAABEXFzMSNA

Request Chain 381

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=8968102175321445886&gdpr=0&gdpr_consent=

Request Chain 391

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dd52603b-9980-4400-a605-aaee7e5567b3

Request Chain 392

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=85K8cvybtyDok7wjoJSiI_LB6ijolbono8NPwHxt

Request Chain 393

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8405308105229877284

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEACrhT1GjkZ2kQEQsT6nNG0&google_cver=1

Request Chain 405

https://spl.zeotap.com/?zdid=678&env=mWeb&eventType=pageview&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&gdpr=1&gdpr_consent=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d4-caf2-4af4-7c7a-afa926c039c8&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&zdid=678

Request Chain 406

https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined&bounce=1&random=2268080300 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D&gdpr=1&gdpr_consent=undefined HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=72CbGVY55ZPv&gdpr=1&gdpr_consent=undefined

Request Chain 407

https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined&bounce=1&random=3222225997 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D&gdpr=1&gdpr_consent=undefined HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LfcPQHM6as0t&gdpr=1&gdpr_consent=undefined

Request Chain 408

https://cct.connects.ch/tpv.php?t=116404V1571145373M HTTP 302
https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1 HTTP 302
https://tracking.adtracker.ch/link/red/l/Mzg2?lea_source=2021022814241845845090963X116404V1571145373M&utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects HTTP 302
https://www.post.ch/?lea_source=2021022814241845845090963X116404V1571145373M HTTP 301
https://www.post.ch/de?lea_source=2021022814241845845090963X116404V1571145373M

Request Chain 413

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xQNlBaRk8tVi1ERzVa

Request Chain 414

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTAwNDZjY2RmNzc0M2Y3YzYzYTBlMTMwMzdjOTY2Mzk3YjM4OGRjMA

Request Chain 416

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEExjhXSFNNT-PhsWZ_vGmV8&google_cver=1

Request Chain 418

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDuZggAAAK1gHFZV HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDuZggAAAK1gHFZV&_test=YDuZggAAAK1gHFZV

Request Chain 419

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/lUsQ9BYPxZdlmXKtkUoLaA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8913913027722238241

Request Chain 420

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7de0603b-9981-4100-97f4-d7f9996da288

Request Chain 427

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 428

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=TO5Lu1MXhl2p4tt4pOk1Yg==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 430

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2ofcLqOd1Lgm3z5

Request Chain 431

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=a15623fd-8b62-4c30-83dc-13adfd034468&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=dc1eca1c-1283-4e16-a00f-710046b06d0b

Request Chain 432

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHd0hVN0Fkek1BQUJIUkJ1cWFOdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGwHU7AdzMAABHRBuqaNw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7747237351274062879 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGwHU7AdzMAABHRBuqaNw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7747237351274062879%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=7747237351274062879&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGwHU7AdzMAABHRBuqaNw&pid=558502&do=add HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGwHU7AdzMAABHRBuqaNw

Request Chain 443

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6702532818025395296

Request Chain 444

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERlIwN0Fkek1BQUJFWEZ6TVNOQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGwHU7AdzMAABHRBuqaNw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7747237351274062879 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGwHU7AdzMAABHRBuqaNw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7747237351274062879%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=7747237351274062879&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGwHU7AdzMAABHRBuqaNw&pid=558502&do=add HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw

Request Chain 445

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934304852086749328

Request Chain 446

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aNTgkuyUQdnesIdpkRRzWZKk

Request Chain 447

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

Request Chain 449

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 450

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1CUnyW6w5JlQ&pid=557219

Request Chain 451

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 452

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Request Chain 453

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2wl0iO9Y1Lgm3z5&gdpr=0&gdpr_consent=

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EgIR97F9QJKWLqSw3_uPhQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 456

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 457

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=120211F7-B17D-4092-962E-A4B0DFFB8F85&addseg=31

Request Chain 458

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTIwMjExRjctQjE3RC00MDkyLTk2MkUtQTRCMERGRkI4Rjg1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 459

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECyadS5L-2CUzoKPhRaHZ1k&google_cver=1

Request Chain 461

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ebe2308-d361-42d6-8318-e6a2b0792897

Request Chain 462

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8405308105229877284

Request Chain 463

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=

Request Chain 464

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6864390710533493707&gdpr=0&gdpr_consent=

Request Chain 465

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LpjfIT91l2I7LE.iwj7XFr.KpNa8byc-&gdpr=0&gdpr_consent=

Request Chain 467

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Request Chain 468

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 469

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA

Request Chain 470

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=

Request Chain 471

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=

Request Chain 473

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d59cbe7-e707-4814-9380-66879489ac3b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 475

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_01110cb2-6879-4a40-90ae-8a65dd433feb

Request Chain 496

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E7B1320711C14F3E9705E99B28255E27

Request Chain 498

https://pixel.onaudience.com/?partner=214&mapped=120211F7-B17D-4092-962E-A4B0DFFB8F85 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=7ebe2308-d361-42d6-8318-e6a2b0792897&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eaf3f73921f9bbb4251d47d8b56d02d4 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=87b794cfb8397f00

Request Chain 499

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7de0603b-9981-4100-97f4-d7f9996da288

Request Chain 500

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4545bb83-79c8-11eb-ae9c-ebe1803d12b8&gdpr=0&gdpr_consent=

Request Chain 504

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=6864390710533493707

Request Chain 505

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2

Request Chain 507

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=648565f7-d284-0725-28ed-8722bfa00e9e

Request Chain 509

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-4_xXpOZ1lxDueFdU2uA9ouTcB.U78ot55Y14

Request Chain 510

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=4545bb83-79c8-11eb-ae9c-ebe1803d12b8

Request Chain 513

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 514

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=1CUnyW6w5JlQ&ev=1&pid=558355

Request Chain 516

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=

Request Chain 517

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=

Request Chain 520

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663

Request Chain 523

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871597492892055810

Request Chain 524

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum

524 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zaxid.net/
Redirect Chain

http://zaxid.net/
https://zaxid.net/

105 KB
18 KB

106ms
92ms

Document
text/html

2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5e9fd572579923d15af6593be0221b4a4b8251d8269e55891393d1d35245d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

:method: GET
:authority: zaxid.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d34d2f4e6f9aa3e4e194c66913dd0cb951614518651
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
link: </assets/lib/advUtils.js?v=51>; as=script; rel=preload,</assets/lib/jquery-3.5.1.min.js?v=51>; as=script; rel=preload,</assets/lib/app.js?v=51>; as=script; rel=preload,</assets/lib/zaxid.js?v=51>; as=script; rel=preload,</stylesheets/styles.min.css?v=51>; as=style; rel=preload,
original-url: /
rt-proxy-cache: HIT
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
cf-request-id: 088a68a16100004ac8c48c7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hLgERwk3qoWWyNefn1%2FU29eKonaf10RxtTHmthCq803ZtF8t7eMyR9hWqyRap6r1TmLHBFu1tOVsW00cdTxWvjkpHkVn5r2VfOlPelKcC%2BgklxSxfmY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 628a76e238bd4ac8-FRA
content-encoding: br
cf-h2-pushed: </assets/lib/advUtils.js?v=51>,</assets/lib/jquery-3.5.1.min.js?v=51>,</assets/lib/app.js?v=51>,</assets/lib/zaxid.js?v=51>,</stylesheets/styles.min.css?v=51>

Redirect headers

Date: Sun, 28 Feb 2021 13:24:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d34d2f4e6f9aa3e4e194c66913dd0cb951614518651; expires=Tue, 30-Mar-21 13:24:11 GMT; path=/; domain=.zaxid.net; HttpOnly; SameSite=Lax
Location: https://zaxid.net/
CF-Cache-Status: DYNAMIC
cf-request-id: 088a68a0f200002b89613fd000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f4hADojWHeBfC7rMpK2QILnXgHIxCOqUsHgewqawq80CaQRylbHJLQI19bs1RxPtH%2F5LAcBSUQo1cLq4Fn%2F3TfJj3%2BJynYFXTujjPFaYvidgHlingWA%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 628a76e189002b89-FRA

GET
H2 200 advUtils.js Show response
zaxid.net/assets/lib/ 12 KB
4 KB 1ms
0ms Script
application/javascript 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/lib/advUtils.js?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a55acf77c6dc8578b0d1ffa6f832d21b8027fe44958f6bd86dd099ae3a1b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944073
original-url: /assets/lib/advUtils.js
cf-bgj: minify
cf-request-id: 088a68a1b700004ac8d0358000000001
last-modified: Wed, 17 Feb 2021 14:27:20 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"12012-1613572040000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IvW7MskK3fgyyZxz2%2BxIxOz9RNZMDIJ0GdNnQKmQLirD8uHe4oBq88PwmP1Ciz5uQSDvzlG8DCKQY81jR1kBPCglV20uFVoe30k535XY8fNYAiJzsz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 628a76e2b98b4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
zaxid.net/assets/lib/ 87 KB
30 KB 1ms
0ms Script
application/javascript 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/lib/jquery-3.5.1.min.js?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944073
original-url: /assets/lib/jquery-3.5.1.min.js
cf-request-id: 088a68a1b700004ac89db99000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"89476-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XENGx9Yp8Lny%2B8IyDDHQ0KxZSSFwgVLgcUEgVqj1gfYhDoA6ME5A7Q%2BHlBuwrohC2DTFmvuIyzpi0sWscWydfiRofDXdPAspNsQid3s4v53CYdj6%2FtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 628a76e2b98c4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
zaxid.net/assets/lib/ 13 KB
6 KB 3ms
0ms Script
application/javascript 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/lib/app.js?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880a7b177ea2edbf752eaf89b1449db2c7ef6a8e5a7acdd9eac0cc7623b1427d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944073
original-url: /assets/lib/app.js
cf-bgj: minify
cf-request-id: 088a68a1b700004ac8c6002000000001
last-modified: Wed, 17 Feb 2021 14:27:20 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"13612-1613572040000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHGYQ%2FQJv0gZDyKvzCcG4EizKOMjQraGLWBgN6VcZ5yYtVZzHP55y%2BXi20lZHUHbdKNG3yUjZjmy0RhfQqSlqQr8Fza43Z2K0Dn9nlMbwwVE8fV4xCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 628a76e2b98d4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zaxid.js Show response
zaxid.net/assets/lib/ 32 KB
12 KB 3ms
0ms Script
application/javascript 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/lib/zaxid.js?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6be5a59ac00f758927e56bab12839366fa7ca93e09dafe25a44af28966aca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944073
original-url: /assets/lib/zaxid.js
cf-bgj: minify
cf-request-id: 088a68a1b700004ac8af977000000001
last-modified: Wed, 17 Feb 2021 14:27:20 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"32825-1613572040000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9p6WKigt6luHSTO5jyYNWdQ4ObWd8ZooViALsvEu0hGTK88%2BkLydeg5FoNeMqITTz%2FxFcFFSSIv3qscFuRmeXotgYPpptX5bdvC6YbutaFBxLU6tW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 628a76e2b98e4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.min.css
zaxid.net/stylesheets/ 136 KB
17 KB 2ms
0ms Stylesheet
text/css 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7e445c8fac27a90341f0c3f0c6b87de64649b3fb207c6eb19adb015ed8b713

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1703
original-url: /stylesheets/styles.min.css
cf-request-id: 088a68a1b700004ac87f088000000001
server: cloudflare
rt-proxy-cache: EXPIRED
etag: W/"139468-1613572030000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4%2FF1tGf8Cv1zBDrxmx34lWwIGMzwkNwseXgq2oOXbc57cdg7c2wTKgi%2FzJ9zJ28JIpjZx6aiyp%2BIPq2Qgc4%2BpNY3gMFgVVHoUFphapVdQL6SvHAUIQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 628a76e2b9904ac8-FRA

GET
H2 200 pt_serif-web-bold-webfont.woff2
zaxid.net/assets/fonts/pt_serif/bold/ 42 KB
42 KB 14ms
11ms Font
font/woff2 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/fonts/pt_serif/bold/pt_serif-web-bold-webfont.woff2

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7123cb517799e75b78e8e9161d90af103d916f517b109caa45e9b2b02f12c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Origin: https://zaxid.net
Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944336
original-url: /assets/fonts/pt_serif/bold/pt_serif-web-bold-webfont.woff2
strict-transport-security: max-age=0;
content-length: 42720
cf-request-id: 088a68a1cd00004ac8c6865000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"42720-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f3JrvbgdSubwfIsg8al68HJDaY9QkA%2B2NMfjb%2BEWPPXggPghVF8%2FdWMQS%2FJP1q3VQwfuJCp5XRrd3ApugXPuePaYfCIbCHxuMuaDr%2BaGH%2FshLjMvFDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 628a76e2e9ca4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 covid-arrow.svg
zaxid.net/images/ 162 B
476 B 13ms
13ms Image
image/svg+xml 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/covid-arrow.svg

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b422d6dceb86a259cb69e8564f23152bd1ef21073ef1d7b55ff7557d08a06e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2381
original-url: /images/covid-arrow.svg
cf-request-id: 088a68a1d400004ac8a32da000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: EXPIRED
etag: W/"162-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Nco%2FZxM4stP62F4Gz%2B4RN1tlipkwVCVmScdyBtY2UtGdnYyA3eXamNaTNb07Szhct9z1h0jg82%2FuksNXsQ1EV4KVzeuwX4Yrnd%2FNkEeZKP2B769txo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 628a76e2e9dd4ac8-FRA

GET
H2 200 round_blog_big90.png
zaxid.net/images/ 582 B
1004 B 12ms
11ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/round_blog_big90.png

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00859b6cb8e6e7091e776e64a27a5b9a455f55aa4ab3c1632ab2d7b7612c76d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3129
cf-polished: origFmt=png, origSize=2202
original-url: /images/round_blog_big90.png
content-disposition: inline; filename="round_blog_big90.webp"
content-length: 582
rt-proxy-cache: HIT
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
etag: W/"2202-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2B7DUuOtVY8FHQyqNV2sO9nw23It0%2BKUiyQd4ID30NYAvAyUJmZEu5ErYOJRoiB7UnYtCgkWDWkUHBObx5HedMimZtSlIit8zjMsEA6zb46ndCM2SHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
cf-request-id: 088a68a1e000004ac89ebb6000000001
accept-ranges: bytes
cf-ray: 628a76e309f94ac8-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 29ms
12ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 088a68a1f200002b1ef02cf000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LIKlDRVGBGLy6Lxnd%2Fv0vlYHdHvuB3SQE7TDXBSzx%2FHPFpIMOdPHDGDiXxvX1Blf0YoDKX0asPp6mNL1dlRZ%2BP45EQlHvMgWQ8JQ4IsIF1XUdtQc4fv2%2BQz48nC%2BDQV5"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 628a76e318602b1e-FRA
expires: Tue, 02 Mar 2021 13:24:11 GMT

GET
H2 200 logo.png
zaxid.net/images/ 3 KB
3 KB 11ms
11ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/logo.png?1413825604

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28175c3f010d2aece4dc71da70430536d029f6699d3d55910b3ea237df158ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4380
cf-polished: origFmt=png, origSize=5124
original-url: /images/logo.png
content-disposition: inline; filename="logo.webp"
content-length: 2570
rt-proxy-cache: EXPIRED
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
etag: W/"5124-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uepJQpdEqYWPhigVxUDhjgK047cp8RtI6rB426QLNh3xtTkisG5FKGRtcqOD61Yf9evekvaCcTLB9EVrbtYf3ezaHq3wEIsFD8w%2Bjy9ussdmW4VCxpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
cf-request-id: 088a68a1ed00004ac87f08b000000001
accept-ranges: bytes
cf-ray: 628a76e31a144ac8-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 icons-s7faa855704.png
zaxid.net/images/ 20 KB
20 KB 12ms
12ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/icons-s7faa855704.png

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fdc56f1dd369c2bb0d88ab5e82dd0afedf00876f8cf7b193878d1e31a82460e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4818
cf-polished: origFmt=png, origSize=37862
original-url: /images/icons-s7faa855704.png
content-disposition: inline; filename="icons-s7faa855704.webp"
content-length: 20412
rt-proxy-cache: EXPIRED
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
etag: W/"37862-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9JcwX3lQ9M%2Fk5RS01ncY79V5mA8Q53gWCmAixKagKhDrr07WAGcyD1fL7xKyVRp611KDF0XXdNu4YbLoOF3nTApagOKoMjnRi0I5%2F9MFA7KlT3Eiq30%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
cf-request-id: 088a68a1ee00004ac879b2f000000001
accept-ranges: bytes
cf-ray: 628a76e31a174ac8-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 telegram-icon.svg
zaxid.net/images/ 541 B
798 B 11ms
10ms Image
image/svg+xml 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/telegram-icon.svg

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb84a92b246ca8706eb02cfb88358eb481fc014e3a84ad450a440101929078b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1331
original-url: /images/telegram-icon.svg
cf-request-id: 088a68a1ee00004ac8d0359000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: EXPIRED
etag: W/"541-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nJKCOmAGl2gb1kpQilIy8MPrC8rkg%2FproWAOWcU%2FMYUQQ%2FrXWcr95mUllHU4vyn1e0B8fSunqhycoamvEKij60J5519Ta62l5y1Hd6116kREW5jO2J4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 628a76e31a194ac8-FRA

GET
H2 200 youtube-icon.svg
zaxid.net/images/ 783 B
707 B 11ms
11ms Image
image/svg+xml 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/youtube-icon.svg

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f73e0cda9d21ae614ece5c6ee24b7d9e1f236bf2aa873cacb20cffcbb4fb5800

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1331
original-url: /images/youtube-icon.svg
cf-request-id: 088a68a1ee00004ac8842bd000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: EXPIRED
etag: W/"783-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z8P24L%2FPQoVyxJi0bFzmWyd71EAn60mmKFzW4n0PHk9NOo2TgP9NiKC0f6xMxPwaEeDorKy%2BUzwdWWDDA2v4Z815mTTEyzehZVXLxVk7g8RentoQS%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 628a76e31a1d4ac8-FRA

GET
H2 200 catalog-icon.svg
zaxid.net/images/ 668 B
511 B 11ms
11ms Image
image/svg+xml 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/catalog-icon.svg

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb08e712ea568a407f46b4af7bc3fd5e79ca3bf0cdff63221602c5e020800a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1331
original-url: /images/catalog-icon.svg
cf-request-id: 088a68a1ef00004ac8993d1000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"668-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4oXjbAzi0khZupYsYWn8YAHfRiMzUE4L6iUYaSSdpokW2fjmo0jW7FIg5fJ2gwdordOi3XXToAJQ6wlHnqSqagWsYjNY14oTgqcmMCGuwJOUXe92%2Bz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 628a76e31a1e4ac8-FRA

GET
H2 200 pt_sans-web-regular-webfont.woff2
zaxid.net/assets/fonts/pt_sans/regular/ 32 KB
33 KB 17ms
17ms Font
font/woff2 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/fonts/pt_sans/regular/pt_sans-web-regular-webfont.woff2

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5215fb8902626d45ff5edfd1a66084c09639d2b6e5619f9325d9612d3d6a5593

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Origin: https://zaxid.net
Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944336
original-url: /assets/fonts/pt_sans/regular/pt_sans-web-regular-webfont.woff2
strict-transport-security: max-age=0;
content-length: 33120
cf-request-id: 088a68a1f300004ac8a23c9000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"33120-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Oi%2FVeaKmagPCJR%2FZXtnGCGp0iyPIWRaEpUPUcR00TJBCfwXKyA8TGIdWEgmJxGpyzrBiauJmSETrBc6DZulfCWNGDC%2BrQiDsqoq9Yb1PGyzToXbh01U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 628a76e31a294ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pt_serif-web-regular-webfont.woff2
zaxid.net/assets/fonts/pt_serif/regular/ 42 KB
43 KB 18ms
18ms Font
font/woff2 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/fonts/pt_serif/regular/pt_serif-web-regular-webfont.woff2

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3feb67ce5fd8d1b3a276040e613f4f738409654aacfdd37759f50489aefe491

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Origin: https://zaxid.net
Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944336
original-url: /assets/fonts/pt_serif/regular/pt_serif-web-regular-webfont.woff2
strict-transport-security: max-age=0;
content-length: 43240
cf-request-id: 088a68a1f700004ac893298000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"43240-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0hDcyn5aZ9twG%2FtI2UzegjASH%2FLaofkhi8QAESFVzsME1Ox9HUMS%2BDoJ9mKKZE22W%2Btijx9TQMrMotf%2B1Bk2TlE6Bf2aaJEFHpkLB1PRDLk%2FjWqSwJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 628a76e32a314ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pt_sans-web-bold-webfont.woff2
zaxid.net/assets/fonts/pt_sans/bold/ 33 KB
33 KB 17ms
17ms Font
font/woff2 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/fonts/pt_sans/bold/pt_sans-web-bold-webfont.woff2

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7da4dbeab4fd4a0896a7251f8fb01649bac82fe2bbaedac2cb2f7c4b89e36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Origin: https://zaxid.net
Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 944336
original-url: /assets/fonts/pt_sans/bold/pt_sans-web-bold-webfont.woff2
strict-transport-security: max-age=0;
content-length: 33456
cf-request-id: 088a68a20900004ac874bcb000000001
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"33456-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oKRIfAO3lpQP7aWLAXepVkR%2BdqjHDj22ItwsTXTk85es1bLPgq5vxKRncyxO8luMpvZ8zez3JTU6X40N65%2BslZ4tYazWn4C5PWgKEUVdAT5ZaL4ma7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 628a76e33a6c4ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1499402.jpg
zaxid.net/resources/photos/news/202003/ 17 KB
17 KB 273ms
272ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202003/1499402.jpg?202102281522&fit=cover&w=456&h=257&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf184e82362f591b3c1032d3e0eaec6dfad9586da1d9040818bbaadd6b8de6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename=image.jpg
content-length: 17151
cf-request-id: 088a68a22d00004ac8a32e0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vmn79xnQP%2FP%2F0l%2BOg1ipkoVfR2CYjxqKOyR8qh95PxOa3TrzKgHQJaxCE1Xx3DIJmHmmXt2NjXfJRDQZI5pdClWu51IfWgsZRjBGoeFPtsZcrUPn8ls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e37acd4ac8-FRA
expires: Mon, 28 Feb 2022 13:24:11 GMT

GET
H2 200 1515040.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
5 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515040.jpg?202102281017&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d750ba94e0706f53442c33de1c7dc2303ec4a115b1568437ed86317fa2c258

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 17868
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 4740
cf-request-id: 088a68a22d00004ac8d5ace000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FmyxkQJTF9LcofKeSjQTULfa1%2FtuH9HEON69yMqWZpim7g9BuMjA4uNRVmqVGTfTcsubm2du2uUDJk%2FeldJF70h43dnjjxdhabiybV5S00cRAopdBmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e37acf4ac8-FRA
expires: Mon, 28 Feb 2022 08:18:07 GMT

GET
H2 200 1515035.jpg
zaxid.net/resources/photos/news/202102/ 7 KB
7 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515035.jpg?202102281108&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f09339e43db3d99196c8a980fdd91f5569554cccd4e22961a2c6bc33e0319

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 15136
cf-polished: origSize=7219, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 7126
cf-request-id: 088a68a22d00004ac8ad81c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IiAb2iK79kPohSkZKhINvKqHzGRPSC7UddYUSU46rFG5efJPqTN%2BH0tu1VwWT67IzCgY6Guc8sUqkhX%2FvPzXPN2B46UoOQxNZnT1o%2FyDIwIWst%2BU1Ug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e37ad04ac8-FRA
expires: Mon, 28 Feb 2022 09:09:26 GMT

GET
H2 200 box_shadow.png
zaxid.net/images/ 108 B
565 B 21ms
21ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/box_shadow.png

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df0e8fc336721ff9d220d4486356ea712891701ffb3a65ce6498972b801a637

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6232
cf-polished: origFmt=png, origSize=1597
original-url: /images/box_shadow.png
content-disposition: inline; filename="box_shadow.webp"
content-length: 108
rt-proxy-cache: EXPIRED
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
etag: W/"1597-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=irk8Xfo5u4hsBtRA7yqbaxrvlBz6WcnMq7zrhgdYqtSHnJSV0SZgqNDMI8IdnlAN5mHdcePUdU%2BpiQHEpkNCNrwa31oCrwxftsFbEc6L0zM7XRfRhC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
cf-request-id: 088a68a23a00004ac8c0105000000001
accept-ranges: bytes
cf-ray: 628a76e39aec4ac8-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 53391.jpg
zaxid.net/resources/img/avatars/90x90_DIR/202007/ 2 KB
2 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/img/avatars/90x90_DIR/202007/53391.jpg?202102272038

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfa0bad9e15dbaa7e6efc879b77beedd1ac5d71eb776375884fe1e240558613

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 67486
cf-polished: qual=85, origFmt=jpeg, origSize=2187
content-disposition: inline; filename="53391.webp"
content-length: 1596
cf-request-id: 088a68a24200004ac8b5315000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2A9%2Fi1hvHPGXYVJ0ZtktUOpRRCVwGhkkj1vBkwB%2B9IsH4I1ouRgouIueA6aENgXuXidBCokwO5HI5R%2BESoq0Uo0XUoHzT2%2FxS4ZJD9bulUqVvjgotAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e39b024ac8-FRA
expires: Sun, 27 Feb 2022 18:38:21 GMT

GET
H2 200 53446.jpg
zaxid.net/resources/img/avatars/90x90_DIR/202101/ 1 KB
2 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/img/avatars/90x90_DIR/202101/53446.jpg?202102271703

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6430673cee20e65d7959812a8be24ecb79bf79ec22d67aec945ed54bfa9e684

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 80339
cf-polished: qual=85, origFmt=jpeg, origSize=1996
content-disposition: inline; filename="53446.webp"
content-length: 1454
cf-request-id: 088a68a24200004ac8993d8000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bSrnPKokEH6rSQhTyBis%2FcyQ0jPL6T%2BZlNdgo2b93Jm3p9821jGZJDreFY1PhyF%2BGMk1XnJGHlFW3bB2pZtkOGxqI%2FN3eu5tAYUeMj8AWg0%2FW7c%2B7J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e39b044ac8-FRA
expires: Sun, 27 Feb 2022 15:03:55 GMT

GET
H2 200 53452.jpg
zaxid.net/resources/img/avatars/90x90_DIR/202102/ 1 KB
2 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/img/avatars/90x90_DIR/202102/53452.jpg?202102261227

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be15ebad935f9f4fd11bb41521627709e6834357807aebb91d10762e61ca63bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 183338
cf-polished: qual=85, origFmt=jpeg, origSize=2048
content-disposition: inline; filename="53452.webp"
content-length: 1414
cf-request-id: 088a68a24200004ac8cc01a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oqrHbk9muoBdIR%2FrZOuj76ZYHoeu7j0qEZNSR0o76N1008jL58BPkk5GmVbOUB9WKNEe2MEpBa6EMAc8IS4gMJnzZMOozOmHuEno%2FtU%2BbtpVBX1hF8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e39b064ac8-FRA
expires: Sat, 26 Feb 2022 10:28:03 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/79032f1d6374ab637fdbaf8db0f4cd22/ 64 KB
18 KB 85ms
25ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/79032f1d6374ab637fdbaf8db0f4cd22/client.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d9481e82e0f0881787a5bdd23fabcbf1f641c146c62be5bfa76ac519431a4feb

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 13:28:19 GMT
server: nginx
etag: W/"5fe345f3-fff0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 06 Feb 2021 07:38:15 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 bottom.min.js Show response
zaxid.net/assets/lib/ 20 KB
6 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaxid.net/assets/lib/bottom.min.js?v=51

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af713167bf4523927dbc0cf3ee41fd9feb5f6943c5f4b47390847e46e039d794

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 940441
original-url: /assets/lib/bottom.min.js
cf-request-id: 088a68a27100004ac8ab2b9000000001
last-modified: Wed, 17 Feb 2021 14:27:10 GMT
server: cloudflare
rt-proxy-cache: HIT
etag: W/"20599-1613572030000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s13057ezCW%2BlBTX7cM2KW0kAEAfDmWFseLx9kOeN%2ByulafN2aiM1sNj20tZi03zKAkONm7lMIXzAp1CrBdiNfvZ%2FI892AE6W63MES70T0A4X%2FHPP3K0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 628a76e3eb674ac8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fAlBsBTbbN7w Show response
cdn.onthe.io/io.js/ 54 KB
17 KB 102ms
42ms Script
text/javascript 142.93.100.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.100.57 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bc2e70a6632aa04e5fe93968e6b0665fb45af02113aba0ff196302e7ccfb4e9

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 08:42:26 GMT
Server: nginx
ETag: W/"5fd08df2-d635"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 01 Mar 2021 13:24:11 GMT

GET
H2 200 ukraine-merged Show response
24tv.ua/project/covid19/api/ 393 B
598 B 148ms
131ms Fetch
application/json 2606:4700:10::ac43:757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://24tv.ua/project/covid19/api/ukraine-merged
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 813334fbd782aafa09cd9ced4c955ef8bf5991215b97f71c554c0e5bd40bc670

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
etag: W/"189-rgIYpxZgB4vuXGSW2qDobI4I6fU"
cf-cache-status: DYNAMIC
server: cloudflare
rt-proxy-cache: HIT
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: uk
access-control-allow-origin: *
cf-ray: 628a76e40abc2c01-FRA
content-type: application/json; charset=utf-8
cf-request-id: 088a68a28300002c01be0b1000000001

GET
H2 200 logo-luxnet-gray.png
zaxid.net/images/ 844 B
1 KB 15ms
15ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/images/logo-luxnet-gray.png

Requested by

Host: zaxid.net
URL: https://zaxid.net/stylesheets/styles.min.css?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fe76083e758bb47634030b34e3c35ab6a9eaa46619ac984219e7e2f40206a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/stylesheets/styles.min.css?v=51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6056
cf-polished: origFmt=png, origSize=2397
original-url: /images/logo-luxnet-gray.png
content-disposition: inline; filename="logo-luxnet-gray.webp"
content-length: 844
rt-proxy-cache: HIT
last-modified: Wed, 17 Feb 2021 14:26:28 GMT
server: cloudflare
etag: W/"2397-1613571988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1hzg%2BxRaVVEUI9wP29619s9nw8teJirXmMqSnqFp5%2BHFdGfELhttrRNrhSP5E5pKiBX7E6tUOZ4cEQx0yrKhTr%2BsQqOWOwdMXwGI60J1FS3JlmjXNRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
cf-request-id: 088a68a27300004ac88c33f000000001
accept-ranges: bytes
cf-ray: 628a76e3eb6b4ac8-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1515084.jpg
zaxid.net/resources/photos/news/202102/ 13 KB
13 KB 201ms
199ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515084.jpg?202102281522&fit=cover&w=456&h=257&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dabf72b6ea97c33d63697047b329703d138725ac30c6a5d0effa4d161872ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename=image.jpg
content-length: 13319
cf-request-id: 088a68a29b00004ac8e9244000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XxbF8zm4JAa1U1yxx0vhQeiBNhzDRx6Jwj%2FobezgnhYd6%2Btfqrw%2B9OwgnatrOwZ4Y2zApkx%2F12ngJ9f2j4NP%2BJop6uaNTqcrmrmWiRj%2BA0krFN5l1ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be04ac8-FRA
expires: Mon, 28 Feb 2022 13:24:11 GMT

GET
H2 200 1515049.jpg
zaxid.net/resources/photos/news/202102/ 18 KB
19 KB 13ms
11ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515049.jpg?202102281518&fit=cover&w=456&h=257&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8747c438157e35c3b0bc5d4c3ff319ec954a0412ae0d55a796643c0537ca4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 115
cf-polished: origSize=19329, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 18809
cf-request-id: 088a68a29b00004ac8d5ad4000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgXyM6KCGxMXOYfpwxOYTqqUAxObzch52Rjl81HLnP8bR1%2BTFR3cwv8mkt8oXRAPzU2TmNUvPTMkbf3quBMYtnuZTIbZ8b4AOkT%2BjtSrhH1kU5VZZRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be34ac8-FRA
expires: Mon, 28 Feb 2022 13:20:05 GMT

GET
H2 200 1515111.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
6 KB 18ms
16ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515111.jpg?202102281437&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

153cc2d433b922ce93d8e02f28f2c2e4d5b3d4c283520c04bf11b5968647c0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2589
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 5287
cf-request-id: 088a68a29e00004ac8b531b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mgRZ2M%2BNAyjPLN8OatOVr8ZsHlQEE%2F%2F83zIH5gez3airAnU%2F%2FmwPX%2Bte0SCJifbT42AkxpQePUTiF5czW4L35Q6065fnEsjMS8JxwlCECCPW2xt5Xng%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be64ac8-FRA
expires: Mon, 28 Feb 2022 12:37:45 GMT

GET
H2 200 1515109.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
5 KB 12ms
10ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515109.jpg?202102281245&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853f9239cc80c977ec213722fbdaf03effda7544e9f92dd8c27b3bcebd931998

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9062
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 5145
cf-request-id: 088a68a29b00004ac8d0365000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9QWIoOspT6nZHxKuN3jtBbOoR5BjoxAEsSv5II%2BJwg5nOyKf2AiSY0ev2Pk8sWrnU2b2UiFBJlxMV4hL346f47hsOcJ4gpALxebeb8F%2BorY9pFzEc3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be54ac8-FRA
expires: Mon, 28 Feb 2022 10:45:22 GMT

GET
H2 200 1515108.jpg
zaxid.net/resources/photos/news/202102/ 4 KB
5 KB 16ms
14ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515108.jpg?202102281332&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f299cb0c2c2a3e9bb994ea25b5043ae3ad2da96f13e2b2818db4966d4b8c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6656
cf-polished: origSize=4443, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 4417
cf-request-id: 088a68a29c00004ac8cab37000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sJceFTs7RQQ0rIgYFvHkZqETWFw6342%2B96eNYcvYXOEIb5QCABncqbhyGJTbgEGXp%2FIOzt57cOt5qPgC1fvpdqgJtQ2fNxaB2rhYapi%2B%2Fb1fi4v9GQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be74ac8-FRA
expires: Mon, 28 Feb 2022 11:33:15 GMT

GET
H2 200 1515039.jpg
zaxid.net/resources/photos/news/202102/ 6 KB
6 KB 216ms
215ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515039.jpg?202102281522&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651aab00c17b93ddfa474821789a27cebe3a9a145879a9e987711ad7df1df101

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: inline; filename=image.jpg
content-length: 5717
cf-request-id: 088a68a29c00004ac8993dd000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wmaUMiNO%2B6JYP3p%2BEhuWhIzqC2JiKr8QZS5fEMweLIJSXGlgSj8FN3jtsluqE4iSdkqpCMmczyO%2FkAWjYgbNcqXBrp7%2Fv8QBy2tdNXGsyCWt6%2BnCiYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42be84ac8-FRA
expires: Mon, 28 Feb 2022 13:24:11 GMT

GET
H2 200 1515051.jpg
zaxid.net/resources/photos/news/202102/ 4 KB
5 KB 13ms
11ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515051.jpg?202102272109&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56fae4bcb0f618046af378fe67e99313739705e71e62fb519cce75d2b59f329d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 65466
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 4233
cf-request-id: 088a68a29c00004ac89ebc3000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frhvhcmtYQeOLbEV4OzA3QTsUHLr5ARbbmx9K8Hcb6QGJL1dNeGsh6zPpuAqOs53PMGJsseZCHJsyJZiP32rSgxr6pyDglQwmfqX0AzWGSh1FJ2cdtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42bea4ac8-FRA
expires: Sun, 27 Feb 2022 19:10:17 GMT

GET
H2 200 1515065.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
6 KB 14ms
13ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515065.jpg?202102261908&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341f7f788ba16719a0f2db5e7b964d5f36bd6e73d7170b87428c283563e4ddcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 159291
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 5375
cf-request-id: 088a68a29c00004ac8d290b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1ixNQyYSbWWQUXpWhm4xZalnRaLlZW8%2BZIODTWW7KkjGlK3C698rmG7s4kY7GkZu5BLaA8ZqomP1%2BGdYnb0PQKaVpA05vwcQUKNFPeP0bU9LIDCBfjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e42beb4ac8-FRA
expires: Sat, 26 Feb 2022 17:08:12 GMT

GET
H2 200 1515074.jpg
zaxid.net/resources/photos/news/202102/ 10 KB
11 KB 14ms
13ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515074.jpg?202102281518&fit=cover&w=456&h=257&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2ede615f99355aff967872f16f9ae669e552194697170d1bd0a25a3456bfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 109
cf-polished: origSize=10807, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 10735
cf-request-id: 088a68a31f00004ac8db86e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8xd3G0c3WBRLEd2bjtVJ58q26XwqHVoDBc3dKppAHVw%2FsfrHNJJ4rv%2BeWm%2B4OascTokDis5xhcmQ72xXg7IepUVXU9xE5IaSroNQbYcETT2JL2BJ1U0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e4fd1e4ac8-FRA
expires: Mon, 28 Feb 2022 13:20:05 GMT

GET
H2 200 1515041.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515041.jpg?202102271425&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dfc20f7af1822d3360fc105fb3622482b0fe1248fd4f50c79150881f8fcabab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 89885
cf-polished: origSize=4997, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 4908
cf-request-id: 088a68a31f00004ac8ab2c4000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YgkW%2Fo%2Bge7Vz%2BZE4FoL1HaSlhYdgwXw5wxJ9QUPhwBVvWuzfKDkBcjLViTcxc1V0G6l1m0KwJqckm39XeVpAbGQo6eJ4qyTkXPvZkKyYyEOc9NndKoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e4fd204ac8-FRA
expires: Sun, 27 Feb 2022 12:26:06 GMT

GET
H2 200 1514966.jpg
zaxid.net/resources/photos/news/202102/ 5 KB
5 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1514966.jpg?202102251755&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50e2361c1007c8013038f5629b2e7d975522a8281d2ffc3cdf721e9b0d20e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 189625
cf-polished: origSize=4842, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 4773
cf-request-id: 088a68a31f00004ac8912cd000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5vFMCLIu%2BHM7wM5crK6cBe40VIgUMjYz5hAdc7DVmnQ%2F456R9oEBTxz4GthfXMRvO%2FQ8IbSgxZ157hF34nNcROBCxgGR%2Fym9yBooiaQdd7a3zFDLm1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e4fd214ac8-FRA
expires: Sat, 26 Feb 2022 08:41:18 GMT

GET
H2 200 1515000.jpg
zaxid.net/resources/photos/news/202102/ 3 KB
3 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515000.jpg?202102262016&fit=cover&w=228&h=129&q=65

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb39e6bdd7efeab38b6b897f121222f1410f318c8f50364379b29605ac810256

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 155161
cf-polished: status=not_needed
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 2881
cf-request-id: 088a68a31f00004ac8c687b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=41%2FmOSzk8ZZKHQtcI12zrcmcTEfPuIpVDjQirLidBX7LG8WibDqhf1O9t4WtyJnVVy79hIPhVN9X7YRPdEtSWL7blvgSqZCiqsCI7bOzbWQYBUtuLG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e4fd224ac8-FRA
expires: Sat, 26 Feb 2022 18:17:27 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 157ms
51ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=8773:uniques_instantly[url:%2F,domain:zaxid.net,page:%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%3A%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%20ZAXID.NET,language:ua,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:37616c4ba.7894a39f7_1614518651770,session_id:8ed48b824.e513ea26a_1614518651772,cdn_version:12]&s=3d1e0f336edd434230bc60c414b96895&1614518651776
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:11 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 154ms
49ms Script
text/html 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=28&holding=285a3b9a0d3863f262102029ba1cf881&hash_user=37616c4ba.7894a39f7_1614518651770&1614518651777
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:11 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 159ms
51ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=8773:visits_instantly[url:%2F,domain:zaxid.net,page:%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%3A%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%20ZAXID.NET,language:ua,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:37616c4ba.7894a39f7_1614518651770,session_id:8ed48b824.e513ea26a_1614518651772,cdn_version:12]&s=3d1e0f336edd434230bc60c414b96895&__io=37616c4ba.7894a39f7_1614518651770&1614518651782
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:11 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 194ms
73ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=8773:pageviews[url:%2F,domain:zaxid.net,page:%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%3A%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%20ZAXID.NET,language:ua,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:37616c4ba.7894a39f7_1614518651770,session_id:8ed48b824.e513ea26a_1614518651772,cdn_version:12]&s=3d1e0f336edd434230bc60c414b96895&1614518651785
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:11 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
32 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTW3N3P

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be93ee7ccaf6c8d0ecd0b3ad03f8128dafa7193b2f50c4e3f3abefe8c8f58ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32417
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 13:24:11 GMT

GET
H2 200 ukraine-merged Show response
24tv.ua/project/covid19/api/ 393 B
251 B 51ms
50ms Fetch
application/json 2606:4700:10::ac43:757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://24tv.ua/project/covid19/api/ukraine-merged
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 813334fbd782aafa09cd9ced4c955ef8bf5991215b97f71c554c0e5bd40bc670

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: br
etag: W/"189-rgIYpxZgB4vuXGSW2qDobI4I6fU"
cf-cache-status: DYNAMIC
server: cloudflare
rt-proxy-cache: HIT
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: uk
access-control-allow-origin: *
cf-ray: 628a76e5cda12c01-FRA
content-type: application/json; charset=utf-8
cf-request-id: 088a68a39e00002c01f7be1000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 93ms
34ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zaxid.net
URL: https://zaxid.net/assets/lib/advUtils.js?v=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

587852d6381ee2e5399e0b4d613cf8ad8de08dd091c810591a4bbddd3c64b7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "797 / 970 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19356
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTW3N3P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5814
date: Sun, 28 Feb 2021 11:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 13:47:17 GMT

GET
H2 200 piwik.js Show response
piwik.luxnet.ua/ 61 KB
22 KB 169ms
51ms Script
application/x-javascript 185.41.250.4
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.luxnet.ua/piwik.js
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.41.250.4 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 17:48:16 GMT
server: nginx
etag: W/"60071b60-f21c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
expires: Sun, 28 Feb 2021 14:24:11 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 39 KB
10 KB 82ms
26ms Script
application/x-javascript 149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: a127af41d27c28c65f968b49a6523c642374f983741f50eb822989c6a78c3111

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:31:51 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Mon, 01 Mar 2021 01:24:11 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 241ms
110ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H2 200 pic.gif
juke.mmi.bemobile.ua/bug/ 56 B
138 B 412ms
72ms Image
image/gif 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=zaxid.net&j=1&nocache=0.07446708678266245
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:12 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H2 200 1515088.jpg
zaxid.net/resources/photos/news/202102/ 8 KB
9 KB 11ms
11ms Image
image/webp 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1515088.jpg?202102281522&fit=cover&w=456&h=257&q=65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be2970b8d2eb7cfb7e3967bacad4f7f3f2a179c05165dc4fe23421e7cf1c441

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:11 GMT
vary: Accept
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 112
cf-polished: qual=85, origFmt=jpeg, origSize=8802
content-disposition: inline; filename="1515088.webp"
content-length: 8522
cf-request-id: 088a68a3b400004ac8cc030000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q3AufbGsaJdpaJdSBgilEQ29Ku9XxqzMFzS2crOAZeKG%2FdKMop0r90WAquYXaMlRunhYdJaAC19h8axdd5X15%2FOK1uNB8Yzxs8xzyvmK9teVYUV3W78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76e5ee734ac8-FRA
expires: Mon, 28 Feb 2022 13:22:08 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
384 B 48ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1498965512&t=pageview&_s=1&dl=https%3A%2F%2Fzaxid.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%3A%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%20ZAXID.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=945530927&gjid=1156596299&cid=724140850.1614518652&tid=UA-1282944-1&_gid=1979957795.1614518652&_r=1&gtm=2wg2h0TTW3N3P&z=1131336165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaxid.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 36ms
35ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1282944-1&cid=724140850.1614518652&jid=945530927&gjid=1156596299&_gid=1979957795.1614518652&_u=YEBAAEAAAAAAAC~&z=85099251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 13:24:11 GMT
content-type: text/plain
access-control-allow-origin: https://zaxid.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
391 B 26ms
26ms Script
application/x-javascript 149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=zaxid.net
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 8e2d675614033c267585499e53d00cd36c732be229c51c85390c4e1b6dc46767

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Tue, 30 Mar 2021 13:24:11 GMT

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 73ms
40ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1282944-1&cid=724140850.1614518652&jid=945530927&_u=YEBAAEAAAAAAAC~&z=1190914062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1282944-1&cid=724140850.1614518652&jid=945530927&_u=YEBAAEAAAAAAAC~&z=1190914062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1614518651950/
Redirect Chain

https://gaua.hit.gemius.pl/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid.net...
https://gaua.hit.gemius.pl/__/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid....

169 B
427 B

78ms
77ms

Script
application/x-javascript

149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=c.nbR603paY73xMLHtuAjIxUFZZhBnW.9RdTMw2yDoz.N7&vis=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: ad53cc8f829d56621c2bb9da789ac4fb42976b1a7844f62cd065864a56e351a8

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 27 Feb 2021 13:24:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1614518651950/rexdot.js?l=100&id=pzNL0DbHPKajEUa6xssGPYXzTIRd60SJYzijke5Nq6L.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fzaxid.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=c.nbR603paY73xMLHtuAjIxUFZZhBnW.9RdTMw2yDoz.N7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 27 Feb 2021 13:24:11 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 54ms
53ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=8772:uniques_holding&s=3d1e0f336edd434230bc60c414b96895&__io=37616c4ba.7894a39f7_1614518651770&1614518652028
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:12 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 204 piwik.php
piwik.luxnet.ua/ 0
123 B 136ms
136ms Other
text/plain 185.41.250.4
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.luxnet.ua/piwik.php?action_name=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%3A%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%20ZAXID.NET&idsite=6&rec=1&r=904501&h=14&m=24&s=12&url=https%3A%2F%2Fzaxid.net%2F&_id=ee294391f4395525&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=BGby2Y&pf_net=15&pf_srv=91&pf_tfr=2&pf_dm1=165&pf_dm2=263&pf_onl=1
Requested by: Host: piwik.luxnet.ua
URL: https://piwik.luxnet.ua/piwik.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.41.250.4 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
Software: nginx / PHP/7.4.8
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://zaxid.net
date: Sun, 28 Feb 2021 13:24:12 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: PHP/7.4.8

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 48ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=zaxid.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaxid.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 442 B
714 B 54ms
54ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=91835533747760&correlator=430421064773947&output=ldjh&impl=fifs&eid=31060170&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=56301415%2Czaxid_branding&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=zaxidPageType%3DmainPage&cookie_enabled=1&bc=31&abxe=1&lmt=1614518652&dt=1614518652074&dlt=1614518651334&idt=722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1619185465&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzaxid.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x-1&msz=0x-1&ga_vid=724140850.1614518652&ga_sid=1614518652&ga_hid=1498965512&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b6e7cf0ef4c7a814861d9d81bd03803a7a234d7a76a68a1efe59b1aef1d3f3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zaxid.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 60ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET get_cookie
pa.tns-ua.com/bug/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc470612163dcfa23c997e22fb8745d24edcceaf074c6fad0c854e3a26608ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6556
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:12 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7BCB 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 12:53:35 GMT
expires: Mon, 28 Feb 2022 12:53:35 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1837
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BCB 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 00:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 46447
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 00:30:05 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=91835533747760&bg=!p6SlpOfNAAXB_3NtwTsAKQB2-Dxa2UvVqNjpxUXwr0kTuKORktzb33dp_abqnNSDdgA7B9FfPAGvAgAAAFtSAAAADmgBBwoBdfrGdqHkaw1BRiUEB0HxOfpVvnTXlarcr8omZDLtllB_2pNmbZW3Ql7XwsI-j65woEbZEHxgiWros_HzpA7GEg4DLXmbhearqnf4h9V1qKuzO1RyrYax7eh70SRx4ct7FoeqqOGsofdxRZ4GtcKM0-AJOtHej5QIwiml8SZrGNEBtXRh9dEpSAsTeOHYDIhhZHInLOtZHX3ewD9CgEqbAOXzx7h5GzZcVSIdtwG7uc_SgNw8Zyco3Niji6oA5OrtUa68oVeBkuz5SoxIE09CrbkjFTdZvpD8D1RD4zj5EBu4ZaZfE8bqh3gxaFCPaSXkOgCcVW5aH1FOKqwyMIAVRHs3nZb-lBwT34IyHHaHn5FnlkOo-WlERBrFXM6ba7VMffhtm2Zf2HsJEdMH_mtcvDRnYySrrRox8sv848xKoA4SepYn9kuGmoqGGOlPop19TstNaLgkyw2h7TInNoeL-2xTU-RB-tYoZA_P1jbskDKM0XiDxLGZAdlX-tbSQkbvSyyuawdPaRznoPdcEdPxCH9pBuLAwQ7ipK3QAqMxBhiOhOnTKtlUHdXcme6SWU_WDBGcNURpDNgtQtRN0iYdh8KqD65xk7go1YYmAD0BzBLXaK52UyjKm8Ce2rkdHDfVs5-eqggDPK10ime73jKUr8RDPsPtVNdIQ-yECeB_NH3Z37AdWkWXUi7MaSTqMrjF5gvo107pJ7TUj3s0w-05OL9F_o7aqHBc_Hzz4ZJU6Pzfqh_fnUCFCo30EtZ5Phkc30YychloDn15BzhE5_PhuWQTQUYEaOuvV53QtsreEuzF-GHIelZqR5hLVlTKhDL5tnO066KF76BCzj7Gd_w8ZM6xBo6tVsMfe8sbPmfMwBAO18rxOcU94CZqpjtD6jYZqOWbdnVFzFUNENX4H1eny-gNGoScArLOE006SyegH5UmcP2ytVreDPMEoPByBIht5zGBn805RQbBGyvRBUgmUZCB8rvhTpsQAGloDFYnTGxfIS9XqTUyDocnZrPMCDXYbzbmBADy5Ur73pMDMIjMhf-ogsoq1HnmjukneUexJyuNoUu5m-UET_CLZA6A4xns6WoUnC-8I3YvnHRwkeUwZG9G6SIGYuS_U1LX3T-hABTIFw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1514746.jpg
zaxid.net/resources/photos/news/202102/ 9 KB
9 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1514746.jpg?202102201455&fit=cover&w=228&h=129&q=65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a2a4240b8f8c34ca0268a95e40d54028597b02169d3c6259e4188af4425e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 691977
cf-polished: origSize=8870, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 8714
cf-request-id: 088a68a76a00004ac8ba9f0000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jkh2F%2FN%2FtJSvZmVSDlyjOC5NQgU2y9r%2B7IlQGTqbXFUXPlW%2FU%2B0mPD83dUEGAX5dOLIi14HYd7XwbPuHDWfe5Cj8AtLOXKBDCNEfpx9m1VnJQIFs6%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76ebd8444ac8-FRA
expires: Sun, 20 Feb 2022 12:55:45 GMT

GET
H2 200 1514680.jpg
zaxid.net/resources/photos/news/202102/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700:20::681a:799
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaxid.net/resources/photos/news/202102/1514680.jpg?202102191109&fit=cover&w=228&h=129&q=65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:799 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b468cfa40d0315d15a0841a49d6e3814d76a99edd56efee8cd75d2c52b73fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 28 Feb 2021 13:24:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 792586
cf-polished: origSize=5906, status=webp_bigger
content-disposition: inline; filename=image.jpg
strict-transport-security: max-age=0;
content-length: 5859
cf-request-id: 088a68a76a00004ac88910e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lnp1ih1WjHck6zLHRMmbVYR68dV5bMI5NrW9UMUPsnJ%2B1eUHeqrBw4t%2F9wdQ1pv1kd2Ied0nbUw3gxGol6%2BQzQ234vshFn1iZ8q7%2BbWF8qrhzFgKF3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 628a76ebd8464ac8-FRA
expires: Sat, 19 Feb 2022 09:10:12 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
777 B 59ms
44ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=zaxid.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 57ms
42ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaxid.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 375ms
374ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=91835533747760&correlator=430421064773947&output=ldjh&impl=fifs&eid=31060170&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=56301415%2Czaxid_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=zaxidPageType%3DmainPage&cookie=ID%3D8e4044b6c15555d8-2247e770a2ba00bb%3AT%3D1614518652%3AS%3DALNI_MaVkDdy9XUo351kPMAo3K7RnqRK_g&bc=31&abxe=1&lmt=1614518654&dt=1614518654309&dlt=1614518651334&idt=722&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=20&adks=3605534961&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzaxid.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1080x90&msz=1080x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=724140850.1614518652&ga_sid=1614518652&ga_hid=1498965512&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

2e701000cbc18fd74a40ba52e6578e8915f912a7eacf9d59863d0ba6b629487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2522
x-xss-protection: 0
google-lineitem-id: 5323972532
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306201544
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zaxid.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
29 KB 714ms
714ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=91835533747760&correlator=430421064773947&output=ldjh&impl=fifs&eid=31060170&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=56301415%2Czaxid_300x250_300x600_below&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=zaxidPageType%3DmainPage&cookie=ID%3D8e4044b6c15555d8-2247e770a2ba00bb%3AT%3D1614518652%3AS%3DALNI_MaVkDdy9XUo351kPMAo3K7RnqRK_g&bc=31&abxe=1&lmt=1614518654&dt=1614518654315&dlt=1614518651334&idt=722&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=4712&adks=189704131&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzaxid.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=333x4628&msz=333x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=724140850.1614518652&ga_sid=1614518652&ga_hid=1498965512&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b69fc9f8ef4316ac127283715b752c3f926c501e2375b71525c7a82e25152e57

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGZlNfWjO8CFQPJuwgdRmgApg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15720476547285047871/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGZlNfWjO8CFQPJuwgdRmgApg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15720476547285047871/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28663
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 28 Feb 2021 13:24:15 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zaxid.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98A1 0
0 63ms
63ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGy3KuEduSYtF9ywWfkXPuDfrCwyw-Afa_TTodUJ5j693SgEbRaUjzwPNvBaUnb2aK5SD3M0UUHgoFrFhZKgy_XujJ3o_imggL_kqBc2B9__49sJfIw54KUbEty_krFh258vPgYQb1WGhNUvFM0PO3G734EgAnrhNlMwBPCTbQ6E9R5RIeC39DsXUrMrWf7tuxCF7IggXysQBCfjTocnmbUTapZ_ZAt3TmFagta6Ur-vh4zjEhV_frfGlBzZKgNVg-DN2pyAFlFVH3b6-TLh_6ipwOtbuVGBmr_8WjbNNZF2Mud8DXsBWoNA&sig=Cg0ArKJSzAe_elpG4-FqEAE&urlfix=1&adurl=

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
intelaxa.com/ Frame 98A1 18 KB
18 KB 129ms
57ms Script
application/javascript 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d19ba9e80e21f7a3e9dbc96b15586f8253c1fe4ebcc6b8241867870ce0dd4f83

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: m3rJYAkZYLBrq5v2EIN9ZezJ47Ms3zt6oOXLZoiNo9xquTh9hkYzIg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98A1 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:14 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:14 GMT

GET
DATA 200
OK truncated
/ Frame 98A1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80746cb8fd66d3b98468b97c27ec0b19c9ba4017d55eac6dc95b28e1e308a2ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 569E 56 KB
19 KB 34ms
34ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

587852d6381ee2e5399e0b4d613cf8ad8de08dd091c810591a4bbddd3c64b7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "797 / 52 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19356
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:14 GMT

GET
H2 200 syncro Show response
intelaxa.com/ Frame DC69 10 KB
10 KB 61ms
61ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: kSagsZfYUPLzLs7PhhUTIKBMZIfjcOIfNxABKtWINyGNFgEXopiyEg==

GET
H2 200 async_usersync Show response
intelaxa.com/ Frame 46CE 10 KB
10 KB 52ms
52ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: S492Lj_DOdeG-eyDt3jnmk5QCAWbfzUrwWupZNDCfkt3Hxh1umaepw==

GET
H2 200 user Show response
intelaxa.com/ Frame C7DA 10 KB
10 KB 65ms
64ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FnkUGliQ1HSKimJklQQGH5A_j04sW7pqEZaR-2ZtC0j2Z0lM04kUCA==

GET
H2 200 stats Show response
intelaxa.com/ Frame 563A 10 KB
10 KB 91ms
90ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 7cU4tn6rmdJoKOQI4TXMX4GUEV0wntfC-NLtkHrIQtdAi-80LZBF1g==

GET
H2 200 sync Show response
intelaxa.com/ Frame 696F 10 KB
10 KB 94ms
93ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 39vb8cuYfV2EBnsv87PaUJRFQJCRXBnJtjnq5wOu06TGkWKmt2RP5Q==

GET
H2 200 counter Show response
intelaxa.com/ Frame 5770 2 KB
1 KB 63ms
62ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 255ce00ea5f70f47ca6f9124672fe1828625dea8dc5f5de69f5b6cbcaa1fc37f

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mKFcQY3q_AtmZVfTQjDVYBra_AH6HLanr-FvdjB4MA451yYWFWnS3A==

GET
H2 200 async_usersync Show response
intelaxa.com/ Frame 742B 10 KB
10 KB 81ms
81ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IJi_RrNKjqbuPX8wEFQo2Kc3gr-wSQWpNRJwY7mpVUouXVO77fa_RQ==

GET
H2 200 usync Show response
intelaxa.com/ Frame F657 2 KB
2 KB 87ms
87ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: eb820950aa51d61b6b6962e702848ed464917433156e0bd71fdbb3b617033fe0

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1632
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OHM98C8MD6GYlwIRgMoxZ42MtWjMn-9CUNR1L8ydVpnpo4lt0JAjQQ==

GET
H2 200 counter Show response
intelaxa.com/ Frame CE30 10 KB
10 KB 75ms
75ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fdo3avbYqaLxLwhPa6ASkOXZUlTBcAIa_r4YoxGeoXldYJNYpTi4nw==

GET
H2 200 counter Show response
intelaxa.com/ Frame 5BA8 10 KB
10 KB 81ms
81ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9tZYF1n5YK0ITP4Jcx1THp3d7_orM7c1Cnrhr3w4hUSMjGdF-Opwag==

GET
H2 200 user Show response
intelaxa.com/ Frame BFAA 10 KB
10 KB 92ms
92ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: GVdkqHA002WLxoWVeND_vZZfL5YVsQvl7xNkcW9R0TViJ2dwHSAnOA==

GET
H2 200 send Show response
intelaxa.com/ Frame 0D4E 10 KB
10 KB 90ms
90ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: i1hIWiVkm6TcJu2RpSvBdokxnG080_SRxNeDWqihtc8l3gKYhAe8BQ==

GET
H2 200 counter Show response
intelaxa.com/ Frame 19E4 2 KB
2 KB 95ms
95ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c7fbfb347cf570b85dca7b64a126acc4cd9934c924951dcdb131366c4cacc429

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1874
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: hBAQeq0a90FO7tUg8sPln3pxA4C0-ZQWjdglKBcmpTV40_EF6fOXBQ==

GET
H2 200 usync Show response
intelaxa.com/ Frame 7CBC 10 KB
10 KB 94ms
93ms Document
text/html 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff

Request headers

:method: GET
:authority: intelaxa.com
:scheme: https
:path: /usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=89a9de03ea561324df3cf822bd1ce1a7169fc1b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Feb 2021 13:24:14 GMT
x-cache: Miss from cloudfront
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mcdlLOw514O4msdTsVRl_3jXxmz4EweVgvsg_FhucMB6iGey3CQgcA==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98A1 0
0 108ms
74ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtPW15bTAWcLoTJ7KEM8P-Pez-iGDA8-qyYTzA3PbabbiK5G4bfceAeCHwYqrCb3_MAL_OPDA55Qg_ebfPgx9KpxkzwQSJeIc0_pqq9_GkhuW_u0mmLtgewz-voqPySu7EXO2NVnNu-UpZuM-fFnSBxoMTTCHot9oDBqHUkkL6l1cRUDFCCtrPNQRo4RcqJq8CLOIkbNifXKD8P9eWsiQ7LDEknR7yBVf7p4ZG4ESMuvgdcD1GPLe5SAMW8s81zOUKi45J7_2LuMyma_rNBDbIlJZ1UhtffjgrX14cjw&sig=Cg0ArKJSzBuDxp8e0PBCEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:14 GMT

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 569E 290 KB
102 KB 34ms
34ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:14 GMT

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 46CE 302 KB
88 KB 55ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5335
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BE6ioeT5LVQfRJXKKG%2Fg1nejFCxpxo8xPD4Dp%2Fg%2BUjIKR3I%2FWAB0dMxQkYhSCbBFBp%2FA7f1qeNMUAu392MG605H22yQ58iTkev7fhHTXEQFJb0KRSz4AiXav"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68afee000024885c167000000001
cf-ray: 628a76f97b962488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame DC69 302 KB
88 KB 30ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5335
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9AoSspHMpyxGML090RwOlcvT50Q6%2BVy1pRIUBLDLQ4Hw2UBynf%2BlT4%2FVsFQrSzWcwS0qXn%2Fs5Lox%2B0x20xlA%2B8uR9Ai3S2z9rOaJuahnPYjCj2YTdv%2BCKlkv"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68afee0000248893bbe000000001
cf-ray: 628a76f97b982488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame C7DA 302 KB
88 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5335
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=STQd8dxMNDdVRw5Rf0iY2TjcDDq%2FpGNlGivG7jLlvQMhki2iS5HfSggj5ZuYaJgOiXKeA0BSlawLsIB9nnR4ohmGEIb2pc24uONJS9y2cYuRjRYq2Gn79d27"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68aff3000024887b1a1000000001
cf-ray: 628a76f98b9e2488-FRA

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 5770 13 KB
4 KB 42ms
16ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 569E 107 B
123 B 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=zaxid.net&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 569E 107 B
146 B 29ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaxid.net&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 569E 166 KB
16 KB 495ms
495ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1419397294024454&correlator=2480691785366648&output=ldjh&impl=fifs&eid=31060207%2C21068031%2C31060026%2C21069711&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=21671350435%2C970x90-zaxid.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie=ID%3D8e4044b6c15555d8%3AT%3D1614518652%3AS%3DALNI_MbTYiLLJPObpz5xNoHd5sbCpKKw2Q&cdm=zaxid.net&bc=31&abxe=1&lmt=1614518654&dt=1614518654986&dlt=1614518654855&idt=125&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=3&adxs=436&adys=20&adks=290344049&ucis=9s4vsdksuyfj&ifi=1&ifk=2563794398&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fzaxid.net%2F&top=https%3A%2F%2Fzaxid.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x-1&ga_vid=724140850.1614518652&ga_sid=1614518655&ga_hid=1943931237&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b1523f32cb97289468bcbdcb5b55d336b1f2bbf07723663c65dbef1ef4e5e86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15873
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zaxid.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 569E 0
0 28ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 569E 0
0 7ms
7ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pxl.jpg
intelaxa.com/ Frame 98A1 597 B
832 B 52ms
49ms Image
image/jpeg 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelaxa.com/pxl.jpg?i=g9vsltglsvoa0vgwp5ks&s=783&p=https%3A%2F%2Fzaxid.net%2F&rstk=https%3A%2F%2Fzaxid.net%2F&h=3672981614518654998
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 597
x-amz-cf-id: vfVFLlZN7DlUUO6Ecw3GN3VZtrc38McZRNI8eubrkVvbKEoTuVVS5A==
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame CE30 302 KB
88 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUP4L3PMItvU97NS1HrhOPDPBQFwbIEXaq0R19ussLDIqoX7Bnn%2FRBA8TJ%2FEAvsP%2Buq1STFugQ2LcDgxln%2BhZar0DCRXLBuWa7NkyIuiBe34%2BsclDVrMk8my"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b01e00002488f2939000000001
cf-ray: 628a76f9cbf52488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 742B 302 KB
88 KB 28ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2F4%2Bsn53on%2BA8AUuwmksB8gMBLr2X1tvnv4i%2Fglkko1tTm0lTDHkgprsgpEew5nTzsMiEgRZbzwn5uDYRM6hOLQ8dG904ifW4CLtBuhAjCBUheFdpmENehst"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b02400002488159a6000000001
cf-ray: 628a76f9dc042488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 5BA8 302 KB
88 KB 31ms
31ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nffNF4BgAeh%2BNZDmK%2BuOo4g6EOqaHKLJHVflItiFLqt39bD4eBR72uYxUbz6W%2F0WF%2FE3XsWM4Ja8eiQfw9cbipi3Wlb2ZvdylwlE%2FNjcSEW8ZvEzJsSCirCs"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b02800002488e8a66000000001
cf-ray: 628a76f9dc0f2488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 563A 302 KB
88 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D62nq%2B1mdpjuh%2BqFD8%2FOgnJXX2gYJXconkOUdfqQDM%2F6RKETt3ebNK9JszgZhwhQUJrOsmlpr8ghgxx3VOCw9hpXuT%2F%2BLHXiMSCYv4iLOx8mxAOmrMTvX2Zj"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b02e0000248835296000000001
cf-ray: 628a76f9ec152488-FRA

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame F657 5 KB
3 KB 137ms
45ms Script
text/javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=694893&width=728&height=90
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5f4932f3-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 696F 302 KB
88 KB 36ms
35ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dP45PdfVSP0wBimFg8S%2BQYov3lMd2Wi%2B0MklV83umgOeIMI2Ks8AZqK3dAw1hME6%2Bq8KpwGxxn1UOpglpEoRAKuv5VDZOvp5h3IxkpE4kEb0xeKGg34Jq7q9"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b03e0000248804868000000001
cf-ray: 628a76f9fc2b2488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 0D4E 302 KB
88 KB 27ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QaHy6F%2Bct%2FaHGe6MQ3arEMDSA54kKck3NXKYtvLtyDjG1xzKJGIElWgXwOJ8y49ZtprD4cGGkLRKdZPAKFdXFK5Olwahqn8qQg9P1LhU4ztpMfxMvDpKWvEw"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b03f00002488159a7000000001
cf-ray: 628a76f9fc322488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame BFAA 302 KB
88 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BJRqWEx8aLaquyvCL5TvKmkWpHpq1CekJrETz7wR7X2KBldDuK2x7bq9jSi4D3WeraSCWhqR5YUFlzNqhHuWCbzMG2HTKf58FaugWB7ua5szfeIzjEFu4pQ%2B"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b043000024886ca84000000001
cf-ray: 628a76fa0c372488-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 7CBC 302 KB
88 KB 30ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5336
content-type: application/javascript
x-amz-request-id: 17CD16A89098840A
x-amz-id-2: py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nq95Dp4kBEqVE9QRG6NxNs0gAae9uxvSNCRnzMMOB4lBfoLA5fqUCIymt5FWEh3EFLCwanb5TDXSTRb0vJayv%2Bx1RqZBN8n9kca%2FDr5jIk9KcdC8BoJidytV"}]}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 088a68b04b00002488f5334000000001
cf-ray: 628a76fa1c4a2488-FRA

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ Frame 19E4 7 KB
3 KB 41ms
17ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 9028073
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 628a76fa39b82b4d-FRA
cf-request-id: 088a68b06400002b4d69312000000001
expires: Thu, 11 Nov 2021 01:36:22 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame DC69 5 B
445 B 212ms
124ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTgxMTZjMmIxLTkzNDUtNDllYS1hMTgzLTkyYjMyMDEyZDViZg%3D%3D&pt=gross&stid=91607f41-8ce4-425e-ace7-8c3736904b5a&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame DC69 173 B
559 B 192ms
130ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8116c2b1-9345-49ea-a183-92b32012d5bf&nocache=1614518655074&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518654954&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: ec00e08dad49044c963558151bfac14c57129340e0f7b90af122587d637e0dac

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DC69 240 B
2 KB 198ms
108ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=8116c2b1-9345-49ea-a183-92b32012d5bf&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.02287740331488175
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b79150624472852f7c2c47fa2bb2d6d747c462d5307f93a2a74a89e25db334fa

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DC69 0
142 B 110ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=53613253561
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame DC69 0
57 B 189ms
126ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame DC69 0
327 B 133ms
47ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame DC69 24 B
629 B 125ms
46ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24343c460244e3cdbd711fda7304554cbdca8620d5917ebddb5dab501613740a

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DC69 19 B
712 B 125ms
48ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid: aebd3c49-f611-4f99-bb4b-fcd6b88e7a06
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 5770 363 KB
104 KB 47ms
32ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3hC05MGvWsLvcPPNV31RyNskkSUMDi42UfC8TC%2FQvBrqLKSSBeET7KUsVeAudjHTQnAsSzzmYTFui5D8MJGs6Nogn48U896rxHKk72cXAagIxFugXutktlV2lxjd"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b07f00002c3637103000000001
cf-ray: 628a76fa6de92c36-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 46CE 19 B
711 B 137ms
67ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid: a8926ddc-fc70-458f-a2e6-039823ead928
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 46CE 0
142 B 86ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=77915841230
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 46CE 0
327 B 133ms
50ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 46CE 173 B
361 B 163ms
130ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=2e6685ef-e292-4bcb-aa31-c94b7cf35e34&nocache=1614518655104&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518654935&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 44a79d03406e6a4df14fd63213c5cc0e91db0861222ed88a909ab3191f6bf03c

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 46CE 0
57 B 163ms
125ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:11:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 46CE 5 B
445 B 245ms
188ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTJlNjY4NWVmLWUyOTItNGJjYi1hYTMxLWM5NGI3Y2YzNWUzNA%3D%3D&pt=gross&stid=933e35e7-8b3d-4bd9-9ea6-52fa6bc9515b&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 46CE 24 B
629 B 100ms
42ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffba78815344e367fc5a81919d6c8b234bd1cd98bb65515f3fa7022a26a1dda6

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 46CE 240 B
2 KB 209ms
116ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=2e6685ef-e292-4bcb-aa31-c94b7cf35e34&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6835389916863344
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a151561e84433d90be28aa14ae32868a5859f3d89111d765155aed226e42d272

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame C7DA 5 B
446 B 160ms
121ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPWY2NmEyMzdkLWYyY2MtNDY0Yy04NWFiLTIzOTYzNDdiZDZjMg%3D%3D&pt=gross&stid=b3d6e961-ea66-49d0-b094-2902a210e703&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C7DA 0
142 B 65ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=8900834851
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C7DA 19 B
711 B 112ms
40ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: 76b7b858-a747-460a-9349-c998895325ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame C7DA 173 B
357 B 142ms
131ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f66a237d-f2cc-464c-85ab-2396347bd6c2&nocache=1614518655124&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518654961&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 78587e1cc4a6e2c47d3cf304a81423e68c2ceee852099643cc73c3ce33084da4

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C7DA 240 B
2 KB 185ms
96ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=f66a237d-f2cc-464c-85ab-2396347bd6c2&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8267701595415706
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1e0975ed7cbecbfc8fb695e0d8d8cabd17b3f27b81a84cef1e16f36a85b4e47f

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C7DA 0
113 B 118ms
102ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:11:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame C7DA 0
327 B 142ms
59ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame C7DA 24 B
629 B 108ms
45ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f2dd7d27fe19599f157bf9ed58e581375142d57f27d30ecb748220f5ec854f3

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3-Q050 200 container.html Show response
dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BC47 6 KB
3 KB 33ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 28 Feb 2021 13:24:12 GMT
expires: Mon, 28 Feb 2022 13:24:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame CE30 173 B
357 B 116ms
115ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c693c211-a870-4a06-a7fb-0a0b56ff6f53&nocache=1614518655164&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655004&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4f13ec954d677da6fd11e1e5cd3d89ce430ce6e6efbd222e41bdfbbcee6bab0f

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame CE30 0
327 B 197ms
148ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CE30 3 KB
3 KB 183ms
107ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=c693c211-a870-4a06-a7fb-0a0b56ff6f53&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5870365436029377
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 57607800ff3f4b9209f72c5eadace4d99eedcdc9dca325188d1816707d20c0c9

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1419
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CE30 19 B
711 B 83ms
41ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 268e3c1b-1b5a-4f17-813b-52cb8ef43413
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame CE30 0
57 B 112ms
112ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CE30 0
142 B 38ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=86937966671
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame CE30 24 B
629 B 99ms
58ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91d8d32f161e45dc88ff5a4f5f54d1db2d85f3db98b86370f9fc2f427c6a7479

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 / Show response
adx.adform.net/adx/ Frame CE30 5 B
445 B 118ms
118ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPWM2OTNjMjExLWE4NzAtNGEwNi1hN2ZiLTBhMGI1NmZmNmY1Mw%3D%3D&pt=gross&stid=21247464-d45a-4ab3-821f-c640dc53f180&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 742B 173 B
356 B 114ms
114ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ea82da93-4482-4bd2-9528-e2e2c4df3656&nocache=1614518655177&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655009&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 2a3705388c65394fd52029d8191efab7dd38ad8953a38079e758c98b41a1cd94

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 742B 240 B
2 KB 191ms
97ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=ea82da93-4482-4bd2-9528-e2e2c4df3656&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6057901190483126
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 86dde1f84e64b2cdf5ebc3b02540502e6930f1eaa2bceefedf9afd71c5b81f6a

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 742B 0
142 B 36ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=35965120132
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 742B 19 B
712 B 132ms
75ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid: f8defb37-1e18-47ba-90c8-8935b722eea6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 742B 0
57 B 106ms
106ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 742B 0
327 B 155ms
98ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 742B 5 B
445 B 117ms
117ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPWVhODJkYTkzLTQ0ODItNGJkMi05NTI4LWUyZTJjNGRmMzY1Ng%3D%3D&pt=gross&stid=2c2859b9-1c0d-4326-833f-6192f63a1be5&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 742B 23 B
628 B 88ms
59ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe97603a09348d257c42eb9bfe295fdc0ba8b3d023711b947b0791b72ddc5643

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 563A 24 B
629 B 76ms
59ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6f8a4057dcfd4c7956d7a706f17cda3edfbb0f87cc91b602640b3b2c1ffc60b

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 563A 0
57 B 105ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:16:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 563A 0
142 B 37ms
37ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=80995443903
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 563A 0
327 B 155ms
102ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 563A 173 B
357 B 122ms
122ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=7018f636-4405-47d1-987c-de40a5c4c4e4&nocache=1614518655194&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655019&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a3bab0bd831775d6dec274b344a62e5425eb30257b76c7649dcf1414dd42b071

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 563A 19 B
711 B 91ms
46ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid: f3373ea6-384e-48e6-96df-4eabd3849b7e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 563A 240 B
2 KB 188ms
109ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=7018f636-4405-47d1-987c-de40a5c4c4e4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6978889655710876
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8ec42addc590f21361c702f2c7095a23ce263893addd9f132ed6e22b868b0d2e

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 563A 5 B
445 B 147ms
146ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTcwMThmNjM2LTQ0MDUtNDdkMS05ODdjLWRlNDBhNWM0YzRlNA%3D%3D&pt=gross&stid=b9be7a7f-a441-458d-a482-5ffccb034cb7&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 0D4E 0
327 B 112ms
45ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0D4E 19 B
712 B 83ms
47ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: f1c9bf85-8d9a-444b-973a-b4781b821a3e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 0D4E 5 B
445 B 133ms
129ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTlmZmRmM2FkLWRjODItNDRiZC04MGNiLWYxOWExODE0YWM1YQ%3D%3D&pt=gross&stid=8b2745e1-63bf-423d-9d3b-b740eddb95cc&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0D4E 0
142 B 40ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=41376230769
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 0D4E 24 B
629 B 86ms
58ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 168508975ed05d40ae29f11a601516d264b255fec494b89c1eca2b9c2c99582a

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 0D4E 173 B
357 B 130ms
129ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=9ffdf3ad-dc82-44bd-80cb-f19a1814ac5a&nocache=1614518655206&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655037&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 7069c3b9eda37cc81a63410d72e1bc655a675e5e8a594dc4e2c8fa491ad08dbf

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0D4E 240 B
2 KB 193ms
90ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=9ffdf3ad-dc82-44bd-80cb-f19a1814ac5a&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6437152397268784
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8a23dd99ed681cb6c4619114dd67836e8e8cc1e05ff28f9afd0b69880244c240

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0D4E 0
57 B 94ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:23:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5BA8 19 B
712 B 97ms
62ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid: aa526b40-8cbe-4295-baf6-4993be303168
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5BA8 0
57 B 79ms
79ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 5BA8 24 B
629 B 98ms
45ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7254375b5f030d63b1e7300ef19e9e1bf85b0364e7b6ceff6d74272676315722

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 5BA8 173 B
356 B 113ms
113ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=18836dcd-d0df-401b-bdb7-6bbe16ba0868&nocache=1614518655217&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655014&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: fc8e5d5e82241d6c7402475320c842ce14b82702ceaec3b1ab4356891d33784a

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 5BA8 0
327 B 103ms
49ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5BA8 0
142 B 49ms
49ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=28159909325
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:15 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 5BA8 5 B
445 B 118ms
118ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTE4ODM2ZGNkLWQwZGYtNDAxYi1iZGI3LTZiYmUxNmJhMDg2OA%3D%3D&pt=gross&stid=8c422055-6e82-4ece-b9a8-3c069298cdf3&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5BA8 240 B
2 KB 198ms
100ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=18836dcd-d0df-401b-bdb7-6bbe16ba0868&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7381902843104853
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6a49d9cabddf4e88b985386a28e4471f72006031d091a79334ccfade4e007e1d

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 696F 24 B
629 B 87ms
43ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dbe089c0890e3a15e36a7823aa322a1b0bb4744f0e320ef281aab207a90be27

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 696F 0
57 B 103ms
103ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:48:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 696F 174 B
356 B 181ms
180ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=2715d42d-61f0-4a4a-bc1b-7b1a76555217&nocache=1614518655229&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655032&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 3205b2b2660bdae7a52a06d1000fdaf2acc9d479ec6b7332c83894428a388a79

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 696F 19 B
712 B 80ms
40ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: 51f7f29c-5dba-4743-836e-6123a363d4de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 696F 5 B
445 B 112ms
112ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTI3MTVkNDJkLTYxZjAtNGE0YS1iYzFiLTdiMWE3NjU1NTIxNw%3D%3D&pt=gross&stid=eaeb23cd-3f2d-41d0-93b0-9c1d443a3eff&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 696F 0
327 B 136ms
49ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 696F 240 B
2 KB 205ms
85ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=2715d42d-61f0-4a4a-bc1b-7b1a76555217&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3527316856635234
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ed0951899b8b53ec8f55c04e43c345cc437a89dd8ad46b74e87612e57b4e46c0

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 696F 0
142 B 38ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=23474574216
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BFAA 0
57 B 93ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame BFAA 24 B
629 B 78ms
48ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e3ef672954c2333ad77b7805d7978d52d17fb05a3c3a443cc7aaa187339150a

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BFAA 0
142 B 44ms
44ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=49649874155
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 / Show response
adx.adform.net/adx/ Frame BFAA 5 B
445 B 126ms
126ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPWY2ZGE4NzQwLTNmZDgtNDdlZS05M2RiLWRlMTQwZTM2MDc0OA%3D%3D&pt=gross&stid=fa230baf-e9dc-43e8-9eef-57f6d2e7022a&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BFAA 240 B
2 KB 227ms
98ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=f6da8740-3fd8-47ee-93db-de140e360748&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.17820443631403005
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9fbbe8c1da786c9f2aac34d4af33515f6c82a817b58a7ad630e444ab4001bccb

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame BFAA 0
327 B 129ms
51ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BFAA 19 B
712 B 90ms
47ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: 57411df8-a6c8-4d62-8a3e-cc54f5112016
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame BFAA 173 B
357 B 125ms
125ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f6da8740-3fd8-47ee-93db-de140e360748&nocache=1614518655244&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655041&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 9d3069d2fa2f9254618d5324c61bf5d9e54fe5b0224f376a3bdba4de9f532335

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7CBC 240 B
2 KB 213ms
81ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=315172&zone_id=1607912&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,2a547ce20370e08f3834,1,,,&rf=zaxid.net&tk_flint=pbjs_lite_v4.21.0&x_source.tid=1e55f343-0f99-44d2-adcf-d64239d0d1f9&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5573402831532981
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 10120d0cd7cdd8f2dc49c92663144b6bbaad91192650cbc436b95c4f209abb33

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 7CBC 24 B
629 B 65ms
46ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd0be874c2a8cfe348f35e670ca9a67da02df715d8e66b448e957e89e04250cf

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://intelaxa.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7CBC 0
142 B 37ms
37ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=67909097117
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:14 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 7CBC 174 B
357 B 217ms
216ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fzaxid.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1e55f343-0f99-44d2-adcf-d64239d0d1f9&nocache=1614518655254&schain=1.0%2C1!adpone.com%2C2a547ce20370e08f3834%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1614518655048&auid=541008020
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: a6354a324bce6546de0c11853d945c8e26b9fcd3cc71ef3420194480c37dab41

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://intelaxa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7CBC 0
57 B 91ms
91ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 7CBC 0
327 B 132ms
52ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 7CBC 5 B
445 B 106ms
106ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc5MDMwNyZ0cmFuc2FjdGlvbklkPTFlNTVmMzQzLTBmOTktNDRkMi1hZGNmLWQ2NDIzOWQwZDFmOQ%3D%3D&pt=gross&stid=472bda6e-080b-4e3e-bef0-62940445ce28&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CBC 19 B
711 B 86ms
53ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.52:80
AN-X-Request-Uuid: 9add9aab-13ef-44a3-b3c4-1438c19c1a1d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame E8FC 970 B
1 KB 607ms
195ms Script
application/javascript 54.186.205.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17670&ref=https%3A%2F%2Fzaxid.net%2F&cb=4288256302&timeZone=1&adWidth=728&adHeight=90&loc=https://zaxid.net/
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.205.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-205-146.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 32f70ca5c4ad6300c766028e691d24e09527ff0c4abf3e8766bdfabb9188a8ff

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
server: nginx
x-adtrue-instance: java3
content-length: 970
content-type: application/javascript

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 7BBD 13 KB
4 KB 10ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame F657 86 KB
20 KB 77ms
77ms Script
text/javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=694893&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 16:38:47 GMT
Server: nginx
ETag: W/"5f493317-159f3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Expires: Mon, 01 Mar 2021 13:24:15 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5770 0
57 B 105ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5770 19 B
712 B 42ms
42ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: ec7d1d87-3262-43bc-8e11-681379d7bb26
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 5770 0
327 B 128ms
124ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5770 283 B
759 B 91ms
37ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=190aa8fb-26c4-4883-8ccb-69c54f4638f7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8027781471802611
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2fba25befba198ea591a15a97527816099c182ad88038e7d2575e1ba656a6069

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 6F62 13 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame E532 13 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F312 1 KB
1 KB 137ms
44ms Script
text/javascript 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=39656147;rtbwp=737EC2967AFB16C2;rtbdata=BU3e4SiRjQsQadOvFWhmf4zNi7adpM36odJHfjso6stebTG7sIFoEPK1PcYbFMOexACF2t0J_X53kOO0KuKqEaj76eGaEq4sVoNGea-fY7VRbHG75jX5OkxSxgeOJRI-ikSyMY6XAlzJPXpFOZZcG2a0S7aetQnPHyS0NlKv2z5Qdz3QTj7d-wnjYrKe0aynjq0tk4pSVLdgq0bDMtd9Zjb_119wm4vvp_sx9R6kupzhQW6FXjSrzw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/d7e3bf60-85ca-4af7-9f6c-2b4c1e835b92/

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c5bfa39f37812a09f9f568bd015c3cab90a43cf805cefe005eabebbdafa2c3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 971
expires: -1

GET
H/1.1 200 d7e3bf60-85ca-4af7-9f6c-2b4c1e835b92
beacon-fra2-v4.rubiconproject.com/beacon/d/ Frame F312 43 B
378 B 115ms
27ms Image
image/avif 69.173.144.153
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2-v4.rubiconproject.com/beacon/d/d7e3bf60-85ca-4af7-9f6c-2b4c1e835b92?oo=0&accountId=17210&siteId=315172&zoneId=1607912&sizeId=2&e=6A1E40E384DA563B3ED344245B8D8BA46F681489666B7060BFD01FA78E82688B2B5ACB7A088EAEF8BA2F191D0C011EB7172DB22D3B21A9B5D270361D45D6ED6F25C32C0F95F68D37F0A6DDC35AFB5CF92D974CB4AB442E04480B59446618D1C82AF6AD5898E30672EFF5C7CFD889081A146E2968BA590F5B1A16679439481A88F4D84F6DF26A51E162E26AA9D9805A3B2070387FAB73658DA3E6431A385FA4E99F277DA9B42D87A8B182BFA71352C3B1692A7C6D54882403DA5A9D39C17E53ACE82A954C1004678A

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 7BBD 363 KB
103 KB 26ms
26ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XbAzB3H%2BIQD5wFAxJ3VeIWbKdM1wdZhVr4H3FtXASLJDhOr0%2Fd8Rqf66aQocieRmm81fYG%2Fw75sUSZwfllKkaTLNnXKsJrXKOc%2B%2B94vj4K69ZTbZsdC5SXFbQkS%2B"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1ab00002c36d2964000000001
cf-ray: 628a76fc48642c36-FRA

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame B3B0 13 KB
4 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/ Frame A52E 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06035ee341f24ab89ea8078422bcfdef88c544e0d4df27060e9c7424e7dba7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15720476547285047871/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4125
date: Fri, 26 Feb 2021 14:42:10 GMT
expires: Sat, 26 Feb 2022 14:42:10 GMT
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 168125
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC47 0
0 62ms
60ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU8Ljfpk7YKHiKIOS7_UPxtCBsAqh6NS2YbrX4ualDd3ZHhABIL_Uvydg9ZXOgeAEoAHShbTMA8gBCakCbvzjc4l3sj7gAgCoAwHIAwiqBNIBT9CUgHsxcaezagUoZ9GnxbMCOXcTjS2cqEdCWJ7z2VISAqKjI6TxjCZxWhd_E8jiTbbZM8KkEOYTe6Uy77U_hUjLf0y-wLKGLz0J2YxGcAadIYmCvOrXggi1G0JVCDpKiZV2FRGWK4wjcw5r3bP8T5Bvkbvepr4xKMWKfTpO6gUVkR_l16023G-Q4pnPif1I4leakYFvNXAGXMeas6u9Wd-rQIN2xo_R_iPOtVCeaKr4VTT0BjSpWQB2qInH04X3BBKHRAb50P31TBJU62-myA4qwASSuIifuwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlvrLM6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCSzgvSCAcIgGEQARgdgAoDyAsB2BMCshcaChgIABIUcHViLTI2NTUzMjgxMDQ1OTkyNzU&sigh=LWFDiEuiBzs&template_id=419&tpd=AGWhJmvqQ9_MpCy2Iifbsneo4KV0iQHe3X89Uyqi77VjTS4P5g
Requested by: Host: zaxid.net
URL: https://zaxid.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame BC47 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 13:21:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame BC47 3 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 13:23:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC47 107 KB
33 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame BC47 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 13:23:08 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 08A2 13 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 7E6E 13 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 6F62 363 KB
103 KB 27ms
26ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tgq7yFag%2BoVpRlUGwf5OtC8s2KqfLToXkRxD%2BJ7ZbYNqpf8hz8ZL0tPPhcx%2BbVXtq%2BAyjgdGJEJKZrLO4ILUOhWoAlb%2FrIYQY3d4%2BaYFrwEWjcybqv1CmsgUomAH"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1ce00002c36afa1c000000001
cf-ray: 628a76fc78be2c36-FRA

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame BEE5 13 KB
4 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame E532 363 KB
103 KB 29ms
29ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Oymxz0f%2Fb0bEGUQu1Fz%2FhYMZnzJyft6uF3UUc49VCOdCllUE3bVAzrOuE%2Bob%2BZv1ha5OcxoRNIYwrIFDRd4JB0EFvIQJwqfakWmlcFHYI17qLC8guSyPPMeAJhm5"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1dd00002c3683bd6000000001
cf-ray: 628a76fc98de2c36-FRA

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame F657 158 B
549 B 44ms
44ms Script
application/x-javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=694893&tid=83cac200953b4d2c9de1983af730d4597698df8a&mode=1&dmn=zaxid.net
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14542951c891d23b1e98fa66b4bfb5db98a3aeecbd90e135dd0f77f71a6026a3

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 145

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 19E4 13 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame B3B0 363 KB
103 KB 25ms
25ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QT2XRBZM2zTKc0h1u%2BjnmUy4H6aupqU%2BJhuk3HzotryLXiWvDpITPZ2zOCr5jZrd7MegBLVLMj8Y6VBwrr0GIFQvvZtDRE8oD6V44njqIHAfEAr6rQWH176uIF2S"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1e600002c3650335000000001
cf-ray: 628a76fca8ff2c36-FRA

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 08A2 363 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ocVaeWplkBsbEUA6VdzKR6jWr1vVm9egN6WwpJWbbdaigsiWbG13otmICpFs2NHlxWbVGJgjLp1dVMjUa5udndBYF5gCkVPYEHs4oUXCTVY3Jj%2BI%2BQIXY5%2BO9oyy"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1ee00002c36711bf000000001
cf-ray: 628a76fcb9142c36-FRA

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 7E6E 363 KB
104 KB 29ms
29ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jjelISL%2BjKuKr9SRdntU%2FcgQx%2Fa1TjLs%2Boe7BlGNbTM%2FBRcOKVdIBZs3DciVIbKsqeIkcsgL2db4qTFlKU1Qb3gYFEJ2FD5tbhBxXTuPBFvFa0t5hx64YcJ564dN"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1f100002c36383c9000000001
cf-ray: 628a76fcb9172c36-FRA

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame BEE5 363 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=elgx4BgucN4GlWkA3jFVGixllsbAOQJr4NgqyIc6TPy1ov%2Fbqe%2ByH7UhF0PaPbIQ19gFo0%2B%2FdDKsLqjLz6VGnaOF%2BoMoIv1Hkr2FClSpCYQokfrUigjWLlBB4IZq"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b1f400002c3637114000000001
cf-ray: 628a76fcb9212c36-FRA

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7BBD 0
57 B 106ms
106ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 7BBD 0
327 B 50ms
50ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7BBD 283 B
759 B 43ms
43ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=72b461af-602b-4363-8b21-17ab9b36c62e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1571429817397485
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6c80aadabf1a5097105b82c3575a20ce71e603414f0e2ce0caf2fd1651e735f3

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7BBD 19 B
712 B 39ms
39ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: 2ceb45c9-a490-4d4a-9286-9a8f06709a3f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 9CE3 13 KB
4 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AB3 143 B
226 B 7ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwQ2aR4hKUIMcSw75OmuRzzfCKwSmYATqVKMm0eOLaN1F9eP9-bkFcuNYsycs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Feb 2021 12:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2982
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A52E 9 KB
3 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A52E 22 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 styles.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/ Frame A52E 4 KB
3 KB 10ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/styles.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ff502767a4dfb4adfc61e397eb269d1b12684d622338af7a40e91b847150864

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 424243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1311
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Tue, 23 Feb 2021 15:33:32 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 15:33:32 GMT

GET
H3-Q050 200 visu.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 44 KB
44 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/visu.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a957a4deb60ca1cc4164da00e11002523cc58e141f0809d5640771e98bfcaca7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44834
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 14:27:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 14:27:47 GMT

GET
H3-Q050 200 txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 439 B
470 B 15ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd2a8f1be383beda2ac68c2b602f47e13067dc389c632fb14df4b65be98c3007

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 439
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 08:42:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:42:56 GMT

GET
H3-Q050 200 txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 924 B
1007 B 14ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txt1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca6ed7fd23174ff94d9922ff836a9c709fb1b82d36ab3e137bac324151b12af8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 08:42:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:42:56 GMT

GET
H3-Q050 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 847 B
930 B 14ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txt2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb9b68efe7644c97d32102bd3429af063811652edeb2e48b4609ddeb9b784b8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 370623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 847
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Wed, 24 Feb 2021 06:27:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 06:27:12 GMT

GET
H3-Q050 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 975 B
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txt3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fc81fa2032ffad01cdbfd922860515856681248448b7d9085d6618682d7b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 95970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Sat, 27 Feb 2021 10:44:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:44:45 GMT

GET
H3-Q050 200 txtc1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 638 B
728 B 12ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11790f6ee5a33520edcd63031d3cf9bffbe5a6f967fda0037784f92829da81f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 97169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 638
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Sat, 27 Feb 2021 10:24:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:24:46 GMT

GET
H3-Q050 200 txtc2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 1 KB
1 KB 16ms
15ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8034128ac0efc9a5a2933fc42ed3b01cffd35337ee35b19ac52fdb4f3213668

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 370623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Wed, 24 Feb 2021 06:27:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 06:27:12 GMT

GET
H3-Q050 200 txtc3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 681 B
903 B 16ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c007912dd2cfea7b7d83544bcaea501ef980a2b7807df7a6d21a792f4176477

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 96158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 681
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Sat, 27 Feb 2021 10:41:37 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:41:37 GMT

GET
H3-Q050 200 txtc4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 936 B
1005 B 15ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115791a0b1a651fc90707e56ff10de6f4f8d08f290d483544bde7304d5bc09bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 08:42:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:42:56 GMT

GET
H3-Q050 200 txtc5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 733 B
816 B 14ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c47d9df2a65d5c1b82dc3cbeb3b0702b7d74d1068c6cbab6ee5ce7694fecfc3e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 733
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Thu, 25 Feb 2021 06:33:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:33:46 GMT

GET
H3-Q050 200 txtc6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/txtc6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0174f5faf3a1def87e0d1e34066218ccee40faf0bdaa9ed4854106569b1ab637

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2248
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 08:42:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:42:56 GMT

GET
H3-Q050 200 scripts.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/ Frame A52E 81 KB
32 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/scripts.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e143a3b796187f14cfcee04f08fe5da930bbb085732bd98d042ace4a6f961d5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 438792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32050
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Tue, 23 Feb 2021 11:31:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 11:31:03 GMT

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame BF2D 4 KB
2 KB 27ms
11ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UN61dozcmny1Rm0iqitHPTUyZ3IT%2FWFRFWePvja%2FDtifwqEQtI%2BLDS0dFJFtI8q6uwLU%2BE2QOvTEs8Jv9ZTxmeSRtZNmHmzAsl36dePnfFFO56uNQYTmR29HP8UU3iUquA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b22900004a6d5405c000000001
cf-ray: 628a76fd08354a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame BF2D 145 B
490 B 137ms
72ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 498c6b4b347e82ccf284d7a28af486de3089e8f330d3ce52553d45e3a97e9dfa

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 145
x-amz-cf-id: TqLU0rx4uoGJYNNgc8LpIIWLkyTRY9LBw41wMeiL6GODBNkwi-Lv0w==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 5770 0
103 B 208ms
49ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZmRjZTIzMDMtNDg0Mi00NzlmLTg1ODQtZDBhZDQyN2FiNTJlIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=fdce2303-4842-479f-8584-d0ad427ab52e&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=185b077844291d4c0ec5d732481157121&cb=1209391614518654864
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 0D23 13 KB
4 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3540
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 19E4 363 KB
103 KB 28ms
28ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Q%2BwKw00gK63e25aicY8%2Bcl4A%2FRoPlrlxDlFKpepvU7Zt9rPsQJsdQ%2F6uC%2FgKW5i33a9Kzpuba2VVVHNMFWFnU%2Bzdr6J5aX4aJy1vBVQ8x%2Bus48sE87PpEVKciaq"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b21e00002c369ca30000000001
cf-ray: 628a76fcf9852c36-FRA

GET
DATA 200
OK truncated
/ Frame BC47 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4228403792333cf78de6f3f904bc679cf60eb7b3cae9feda60db8c1d768dba7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 569E 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

196da375985a1e9f3807c23b72fc1d285dd6bbc3cf35dd5479b34f410f2d858b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6F62 0
57 B 76ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:11:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 6F62 0
327 B 46ms
45ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6F62 19 B
712 B 51ms
51ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid: bea176a0-8e69-4c66-9e05-c5f93f5f949c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6F62 283 B
759 B 37ms
36ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=5caf737e-6bee-421f-974b-c9a71233ccf5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.061676330810472635
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6d1556b543852a6be9a1968cd6db6d041cff7e6aab800f94c5b055e795cf5f37

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 9CE3 363 KB
103 KB 25ms
25ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qt4O36HDo4%2BbGqzCB4Z4bIH6Mhs8tnu%2FY%2FCzJ24kmI4Q0tfBXo2MgB4MO71gm2zOOsVJDt5XqaeGBGGUImri%2BS0HLHR1QkpjfaQrh7gYewpYpYWlNZ5yz%2BhcGEgB"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b27c00002c3669986000000001
cf-ray: 628a76fd9a762c36-FRA

GET
DATA 200
OK truncated
/ Frame A52E 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 0D23 363 KB
103 KB 25ms
25ms Script
application/javascript 2606:4700:3035::6815:2f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D986B55663EEBF3
x-amz-id-2: ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified: Mon, 25 Jan 2021 09:50:58 GMT
server: cloudflare
etag: W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iW%2FuhIkjKgf5EQSWYxbwX2RtmngevYLzHdT9KNSeDbWeyxpI4TKxpisNFPS9dxMp7vauTztwtB5Bo3bxrAwbzRsPuOlhoI3K851sUY1e4Tni7NeW7HaC3jgli%2BBh"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b28700002c363d8ec000000001
cf-ray: 628a76fdaa902c36-FRA

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame F312 34 KB
16 KB 145ms
61ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=39656147;rtbwp=737EC2967AFB16C2;rtbdata=BU3e4SiRjQsQadOvFWhmf4zNi7adpM36odJHfjso6stebTG7sIFoEPK1PcYbFMOexACF2t0J_X53kOO0KuKqEaj76eGaEq4sVoNGea-fY7VRbHG75jX5OkxSxgeOJRI-ikSyMY6XAlzJPXpFOZZcG2a0S7aetQnPHyS0NlKv2z5Qdz3QTj7d-wnjYrKe0aynjq0tk4pSVLdgq0bDMtd9Zjb_119wm4vvp_sx9R6kupzhQW6FXjSrzw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/d7e3bf60-85ca-4af7-9f6c-2b4c1e835b92/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:00:38 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Mar 2021 16:48:08 GMT

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame 86E6 4 KB
2 KB 23ms
14ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XL4cmn%2BOVqXoeDN2sY8oZzxUDuv2b8ciddofowC%2BU9HI9eHONBnLd%2Fc3SyjhlSuhN8l7Bx2BXzGNmW1Mt6Hpnt9x6YFfXV5mxtVsnnPyNjb8qWAbnw%2F%2BAn9dXPJCnliDGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b29b00004a6d7e3b2000000001
cf-ray: 628a76fdc9b84a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame 86E6 144 B
488 B 58ms
52ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 92a4c99a6eca5980561cb9c17c705bd6a0ebccb7d6fe8317a6561c9dbe18e4e0

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 144
x-amz-cf-id: YeqT7YhJxw3P706itR1J0ojfAPxbHNhMDdPHV2rVBKiSx044ZmZVCQ==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 7BBD 0
103 B 147ms
59ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZmE2ZDNmMmQtYjk5MS00ZjlhLTlhMmYtODE3ODRiYjkzYjRkIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IkFQUE5FWFVTIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=fa6d3f2d-b991-4f9a-9a2f-81784bb93b4d&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/syncro?i=g9vsltglsvoa0vgwp5ks&a=af671a838bdefc498ddbc2468deae3255&cb=5463791614518654857
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame F657 261 B
855 B 46ms
46ms Script
application/x-javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=694893&tid=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=zaxid.net&time=13%3A24%3A15&fd=1&be=sf&loc=https%3A%2F%2Fzaxid.net%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fzaxid.net%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_694893_30f1541cb73a4ae392b34ee7099e3ee7
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c3a9fde8e441dda79508ab1587587f70ed277164986ecdd3378de7970ab14ef

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 209

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E532 0
57 B 77ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E532 283 B
759 B 47ms
46ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=efa55eff-9c29-41e8-9a4d-a82f8304c82c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5034751814575356
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2df3800f8f04544df796972a68be1660aa947bd62b379f519e5644bf047cb4aa

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E532 19 B
711 B 38ms
38ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid: 04d620fc-5bc9-47ab-827b-9420075c4631
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame E532 0
327 B 49ms
49ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B3B0 19 B
711 B 39ms
39ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid: 3dbbc928-e603-4b21-8501-83c95d04a97c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame B3B0 0
327 B 48ms
47ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:14 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B3B0 0
57 B 97ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B3B0 283 B
759 B 39ms
39ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=586fa4c5-0183-4ac4-84eb-9c67f3ae1a68&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.46578902069315364
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 283bcf54c0e2243b191e467e9094ea4f3860a848e3c152b1b691ae8a2fd57d9e

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 7E6E 0
327 B 390ms
389ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7E6E 19 B
711 B 54ms
54ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 85b178d0-8d1d-4115-a019-b60f78010e40
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7E6E 0
57 B 98ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7E6E 283 B
759 B 49ms
48ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=505e6b7f-3c0e-40bf-b872-eb71cdc1d3a8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.515307503432731
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fb147035d9313dd2b74b60ed95bf17ccce8c75537deabee5bf06c77f3ae0406f

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-Q050 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

231bd5d82bcbc0c2f01e7eefef79117d0e69f50f4fe212e6f3568e8534c0f2b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 178569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1577
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Fri, 26 Feb 2021 11:48:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:48:06 GMT

GET
H3-Q050 200 arrow-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/ Frame A52E 381 B
420 B 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/img/arrow-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2297eecd679e69df9005e04ae2e2ddf1659cb0a2bac057351028b51b881e48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15720476547285047871/styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 381
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 10:48:35 GMT
server: sffe
date: Thu, 25 Feb 2021 06:33:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:33:46 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 08A2 143 B
1 KB 362ms
362ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

485b2d8bdd655647d9465c93392abcd4f9591af883f9cbd5e6a3c236f6fe4cfe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:16 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: 614cb4e7-2e6f-42df-ba74-30ed0b891921
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 08A2 0
57 B 109ms
109ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:24:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 08A2 283 B
759 B 47ms
47ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=abc1a5e9-265e-4641-ab85-81dcea990642&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9712177121093151
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 01648973077e9dc4fda6269650f9d48af4d57cfd795f35a8efce1282b300d318

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 08A2 0
327 B 52ms
52ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BEE5 283 B
759 B 35ms
35ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=90dd5817-916d-44cf-ae7d-803aa4ba0a3f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9301226855855542
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 20dc6d30c8999a8ad397dd944421c1a02a6ff824410ad46275bfae0b869a2c43

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BEE5 19 B
712 B 37ms
37ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: d1b48331-afea-413c-95a7-e8e083a41d5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame BEE5 0
327 B 48ms
47ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BEE5 0
57 B 95ms
95ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:16:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 19E4 0
327 B 45ms
45ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 19E4 283 B
759 B 51ms
51ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=a82e63bb-49eb-4681-a364-ffaeeaf554ff&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21111363340347444
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 105c9a8286512bbf48aeecf80c4c52074582c7dac71d704c22a1ee11f9f6f7d6

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 19E4 0
57 B 72ms
72ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 13:11:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 19E4 19 B
712 B 40ms
40ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid: e6f422fd-a12c-42a3-85b4-ef3870b7b0ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 569E 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:15 GMT

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame FF8F 4 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BQFelifgZyBkuYmRlADE9hyUbGVnxlzrJCuPB63PIcicVUFZ1978Mv4EtTcsldF8uue6SJ9iBW8aX4S7WGZP73VghIRuEXXVaS%2BKOe2Cr8HrxkDzpGBJ1GOXaS9NHR%2Frlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b34000004a6d55b67000000001
cf-ray: 628a76fecb5e4a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame FF8F 142 B
384 B 51ms
49ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d894fc868a46ba2b6b579a1978b0e4a4507af0e14191661aefd3721835c19de5

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 142
x-amz-cf-id: FlBxfU6XrNRW7hcH3JmItp4piHvT-FRMiDaCGrkCAoF4Zipe9ipj5w==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 6F62 0
103 B 50ms
48ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYWExMGI4ZGItZWFlNy00MTgwLWFjNTUtYzZiZmI0OThiYWRiIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJSVUJJQ09OIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=aa10b8db-eae7-4180-ac55-c6bfb498badb&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=f8707e79780ef573c35bc9c08540b8815&cb=7120671614518654860
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame 4407 4 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uKSCbStBKQaaMP%2BkfQgjgVvMloVPVumoVHWUeGcD7XP1NDeYKshANG0Gg2bM7BIFFoqZ8Hdaxk1P%2BoO2w4trQyh6CvO%2FkIl%2FnmVIKkW4p29nRlg%2BtkNFh3x%2FenZLKuY0ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b34700004a6db61ed000000001
cf-ray: 628a76fedb714a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame 4407 152 B
394 B 51ms
51ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 19d70e2046be706c4729b21e6d666277595a14fcf38f3ba764a09e4f436f5390

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 152
x-amz-cf-id: PpUgWOEfG3petr2kf2dze9FuPMTwOSruNh7fZpLsiI0U6E-0rLSX-Q==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame E532 0
103 B 46ms
46ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYTU5NTc5ZTQtYjdhNS00NzQ5LWFiNDctZjFiYWVkOGIwMzM2IiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=a59579e4-b7a5-4749-ab47-f1baed8b0336&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=25bd9dc554ed0c93acff7a4f068034099&cb=4281931614518654859
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame 79D0 4 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A4Ffewi2OrjhcrW1qKlO%2Frvb66ap4nco3TiopcbLKPfO24yYapYUnmND3DTE2jmtsHMtwWLfb4vcf83%2F%2BxyVYCxTpHDmznZXuj%2F6f4qEvLwZfsm7APmquG3%2FUbaF2bBX5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b36300004a6d54070000000001
cf-ray: 628a76ff0bbe4a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame 79D0 152 B
396 B 53ms
52ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9f394331a5ba7f22102ebc2ab279e6f29e1f3d061938327039aa55f7b75f86b5

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 152
x-amz-cf-id: nLKcMTNmrBwjGSIWgxRrU_aVmG2Lw9OjZ7Ib4jyMG2SVmICXqV5BcQ==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame B3B0 0
103 B 62ms
49ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMWM4MDYwNmItYTk4NC00Yzc0LThjNDctZjMxZmVkZGIyM2FjIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJSVUJJQ09OIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=1c80606b-a984-4c74-8c47-f31feddb23ac&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/async_usersync?i=g9vsltglsvoa0vgwp5ks&a=f02e40dcd7c0094b840682c949d5a85f7&cb=2628131614518654865
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F312 5 KB
3 KB 44ms
44ms Script
text/javascript 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=39656147;rtbwp=737EC2967AFB16C2;rtbdata=BU3e4SiRjQsQadOvFWhmf4zNi7adpM36odJHfjso6stebTG7sIFoEPK1PcYbFMOexACF2t0J_X53kOO0KuKqEaj76eGaEq4sVoNGea-fY7VRbHG75jX5OkxSxgeOJRI-ikSyMY6XAlzJPXpFOZZcG2a0S7aetQnPHyS0NlKv2z5Qdz3QTj7d-wnjYrKe0aynjq0tk4pSVLdgq0bDMtd9Zjb_119wm4vvp_sx9R6kupzhQW6FXjSrzw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fd7e3bf60-85ca-4af7-9f6c-2b4c1e835b92%2f;js=1;adfxid=1x;9375;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|undefined;fd=0|0&CREFURL=https%3A%2F%2Fzaxid.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c7249d1e7ec55ce28b1e1b69c42aacd147ece4d213939228080dba89b2d80a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2621
expires: -1

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame 32A0 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6BbWPAwzTdijZDD2FnTX9gR3zhKC8mK6eJ02TC7vJBXUYNGWvt8VA4vdQCvW2XG8cJKNGQ4Tj%2BDeJhBnhdqeoLlTHq6wpocW5uYb1u%2Fjybru0AT%2FsHn7u5MT4yK%2FG6Cxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b37d00004a6db61f0000000001
cf-ray: 628a76ff2c164a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame 32A0 142 B
384 B 50ms
50ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 581d926101074855377ce662bf9aeb86306fc6fe8e0ed0e4083e1f0c73d3cadc

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 142
x-amz-cf-id: O-UngkupWWIypzlSAaBDKZjdY-DNRlj_4RLxss5IqeI0NIsi83bzrg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 19E4 0
103 B 46ms
46ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMjY0ZGFlMjAtZThjNi00YjJmLWFjODItYTJhZDY2ZjJkYTg2IiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=264dae20-e8c6-4b2f-ac82-a2ad66f2da86&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/sync?i=g9vsltglsvoa0vgwp5ks&a=1e95007480c28eafbac7c4acfc113a753&cb=8981841614518654863
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9CE3 19 B
711 B 51ms
50ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: 0d0069d6-3077-4fd7-ae2a-317e141c7802
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9CE3 0
57 B 113ms
113ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 9CE3 0
327 B 51ms
51ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9CE3 283 B
759 B 31ms
31ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=f955cb33-8b3d-4c4c-8b99-adf26fbc5251&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.19582996388377594
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f78e73975b9e9d46a33250754635cda357beef9ce6f34e532e4134867d3361bf

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK Cookie set beacon Show response
gslbeacon.lijit.com/ Frame 41D8 5 KB
2 KB 122ms
43ms Document
text/html 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: d3715ef09488df99653f0ff69563bf2abeb59e7ed7f735b4538a35ff6d46b402

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=c9e0b350e7671f85da7288c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=c9e0b350e7671f85da7288c5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:15 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame F657 47 KB
5 KB 50ms
49ms Script
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=694893&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: d9c9d0ac581bd0e286387ce9ce2a60800cdf478c6c66c58f6ea611ff926fa6bc

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap4ams1.lijit.com/addelivery/ Frame F657 43 B
567 B 130ms
45ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap4ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=694893&tid=a_694893_30f1541cb73a4ae392b34ee7099e3ee7
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ Frame 0D23 0
327 B 45ms
45ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://intelaxa.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0D23 19 B
712 B 86ms
86ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: cbb0e291-8ac7-4d2a-8b2f-35620db2d858
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0D23 283 B
759 B 42ms
42ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=228844&zone_id=1615610&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fzaxid.net%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=797b3d40-dea5-4250-aefc-cc4cba12d382&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9282138391759678
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 931e404c680e02cbfd540ae5da1ddf91d6d090d2cba47ddcf8a398f533ec6a27

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://intelaxa.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0D23 0
57 B 76ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://intelaxa.com
date: Sun, 28 Feb 2021 12:52:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame B9DD 4 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rszm4VPXfSDaB5wz4Du5uU3to7RcgoGJCMqtzFrZZotLn6LNcYLRuoI47iwdpqfODsabKvo%2Bn1eLPku1ToebmN6sFiDNF8daAozAtSzdKZgpo%2FF6af6x3YxbOOswUiIfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b3a300004a6d98b63000000001
cf-ray: 628a76ff6c7d4a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame B9DD 145 B
388 B 53ms
52ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: be2f92ae1febd670260233920e705a4f812782fbc18b12250b433e07e138fb7f

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 145
x-amz-cf-id: HjGJUqZgRN5PhrE3ursU1p7Gz4Z1-FiWZqTjWygbTYl9vrOO83iEAA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame BEE5 0
103 B 49ms
49ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMzIyMzQ1OTctNzZmYS00ZGI5LTljZDYtNWFhMDc1ODUyMjIyIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=32234597-76fa-4db9-9cd6-5aa075852222&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=e66886757bba219832537a19d4c1ee0a5&cb=5850811614518654868
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AB3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
496 B

37ms
24ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
URL: https://dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwQ2aR4hKUIMcSw75OmuRzzfCKwSmYATqVKMm0eOLaN1F9eP9-bkFcuNYsycs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 13:24:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 28-Feb-2021 14:24:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 13:24:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 13:24:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A891 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zaxid.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zaxid.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 12:53:35 GMT
expires: Mon, 28 Feb 2022 12:53:35 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1840
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E8FC 37 KB
14 KB 3283ms
33ms Script
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17670&ref=https%3A%2F%2Fzaxid.net%2F&cb=4288256302&timeZone=1&adWidth=728&adHeight=90&loc=https://zaxid.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94f8-5b232eca8cf5e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=137579
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Tue, 02 Mar 2021 03:37:18 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98A1 42 B
132 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKyX5BhVm0IWGXHrAg0IdWgQpu-xqWkjLL6mg2heZRSn-B7zNrjlSdjqTX75i5hO4TY7O2yW2kkT0fhlMtaB83N4uL0YvpYKUvsDnvsDU&sig=Cg0ArKJSzMt3GU8unewlEAE&id=osdim&mcvt=1036&p=20,436,110,1406&mtos=0,1036,1036,1036,1036&tos=0,1036,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=0.75&app=0&itpl=19&adk=3605534961&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impression_tracker.php Show response
assets.bly.ch/tool/php/ Frame F312 792 B
471 B 1153ms
36ms Script
text/javascript 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=40391365&campaign_id=1589447
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 908ae7e4eb7123bb0a2379e7d89712ca9e0e24821d5948e233226598a7a475f5

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-bly-info: Opt Out under https://www.bly.ch/opt-out/
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin

GET
H2 200 impression_tracker.php
assets.bly.ch/tool/php/ Frame F312 0
221 B 1153ms
36ms Image
image/png 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bly.ch/tool/php/impression_tracker.php?pid=1499&campaign=1589447&rnd=82593
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-bly-info: Opt Out under https://www.bly.ch/opt-out/
server: nginx
cross-origin-resource-policy: cross-origin
content-type: image/png

GET
H2

200

index.html
campaigns.cembra.ch/campaigns/de/connects/ Frame F312
Redirect Chain

https://cct.connects.ch/tpv.php?t=116404V1499141797M&subid=pv|5852874|876144&rnd=56179
https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404&lea_source=2021022814241745845089631X116404V1499141797MSpv|5852874|876144&utm_source=connects&utm_medium=NNNNN&utm_campaign=aff

0
0

67ms
21ms

Image
text/html

2a01:ab20:0:203::1:245
CYON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404&lea_source=2021022814241745845089631X116404V1499141797MSpv|5852874|876144&utm_source=connects&utm_medium=NNNNN&utm_campaign=aff
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404&lea_source=2021022814241745845089631X116404V1499141797MSpv|5852874|876144&utm_source=connects&utm_medium=NNNNN&utm_campaign=aff
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/2wSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F312 85 KB
36 KB 47ms
47ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.198/e/2wSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 021d67b4bdc29f3ac8f0b5187e24048857dd7380870f1b91dc4ca8ddeaac5607

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:00:38 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 01 Mar 2021 16:34:09 GMT

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ Frame F657 2 KB
1 KB 347ms
31ms Script
application/javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?dmn=intelaxa.com&GDPR_v2=undefined

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

65e3395c552264339cc2676785df341c9ca85cd341824d07f374c34e5da2c0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 976
Expires: Sun, 28 Feb 2021 14:24:16 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F657
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=c9e0b350e7671f85da7288c5/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=c9e0b350e7671f85da7288c5/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=eaf3f73921f9bbb4251d47d8b56d02d4

43 B
1 KB

1329ms
48ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=eaf3f73921f9bbb4251d47d8b56d02d4
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=eaf3f73921f9bbb4251d47d8b56d02d4
cache-control: no-cache
x-server: 10.45.12.176
content-length: 0
expires: 0

GET
H2

200

lons7jax
sync-tm.everesttech.net/ct/upi/pid/ Frame F657
Redirect Chain

https://ps.eyeota.net/pixel?pid=51md42u&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=gif
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlQ4U1NLUEFLR0N4MXdydUtyZk94N2NfdWRoSE5FSkVodHFNcmNzdW1rdUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51md42u&referrer_pid=51md42u&google_gid=CAESEKhwH6XXZvioXYuR06qt59M&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=9040159769359373822&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?bid=7vi0rg0&uid=1040603b-9981-4a00-bae1-a3aa6106e7bb&dc_rc=3&dc_mr=5&dc_orig=51md42u&&referrer_pid=51md42u
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%...
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_p...

85 B
165 B

29ms
26ms

Image
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u&_test=YDuZggAAAGHoyirK
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
age: 1836
x-served-by: cache-fra19156-FRA
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1614518659.555170,VS0,VE0
content-length: 85
x-cache-hits: 6636

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1614518658.426432,VS0,VE90
x-served-by: cache-fra19156-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51md42u%26%26referrer_pid%3D51md42u&_test=YDuZggAAAGHoyirK
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame F657 43 B
210 B 58ms
57ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&zoneid=694893&cid=18&geo=CH&all_tags=203%2C234%2C248%2C383%2C388%2C458%2C462%2C465%2C490%2C494%2C501%2C503%2C512%2C515%2C519%2C520%2C539%2C541%2C561%2C563%2C565%2C576%2C580%2C582%2C584%2C586%2C589%2C590&tss=81%2C81%2C84&fired_tags=234%2C388%2C590&count=3&status=8%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C32%2C32%2C8%2C32%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=85
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx
X-Sovrn-Pod: ad_ap4ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame F657 43 B
210 B 53ms
52ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&zoneid=694893&cid=18&geo=CH&all_tags=203%2C234%2C248%2C383%2C388%2C458%2C462%2C465%2C490%2C494%2C501%2C503%2C512%2C515%2C519%2C520%2C539%2C541%2C561%2C563%2C565%2C576%2C580%2C582%2C584%2C586%2C589%2C590&tss=81%2C81%2C84%2C86%2C87%2C91&fired_tags=234%2C388%2C590&count=3&status=8%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C32%2C32%2C8%2C32%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=91
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx
X-Sovrn-Pod: ad_ap4ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame C069 4 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vIffq6kjeF1EffOeZxFVVIOonWyUxE%2FWDnassbW6AKL2KN0Atub%2B4hnpSQhI521Xoqea0P2Ho1N%2BC480E3RrCCcFdNgeOzP3QXH1zkt9%2BiCO1vodeNNZIgs7jbYDVMmXAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b40300004a6d953aa000000001
cf-ray: 628a77000d744a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame C069 143 B
386 B 77ms
77ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2377a47a723766ab9d58fb9218e7309411b2106090cd622256c20bad48797606

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 143
x-amz-cf-id: GBDI-F6MtcL9uS1Bq8Liyz3qTjMsKaYjLOjYfY616kdQtlZXEKN1YA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 0D23 0
103 B 49ms
49ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMmQ4MmE0ZDEtOWMwMS00ZTdhLWJmNmMtZTg2ODYxZGZmMGFkIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=2d82a4d1-9c01-4e7a-bf6c-e86861dff0ad&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=42a80b0d04d5e2a2a4fcf5b202d819801&cb=7876051614518654872
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame 1694 4 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=svPasUCAJFiZqeyuFy17Dyc7m4Ya9Cqtzq13Zq3gFSjB5IZ3LI%2F4%2FOK%2F%2B01FeuNyrdcvxFBxTD2boXKBG2BSCrRuCAoQXCLOp1msBgd6vsJN09C8NST%2F1MVB5Pdwlxm74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b40900004a6db323c000000001
cf-ray: 628a77000d864a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame 1694 142 B
385 B 78ms
78ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f16893f0a6cf09a2476078492390d8f01a346ac2cbabe93610dea914dd5b9fde

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 142
x-amz-cf-id: WiFCUF2LWtxVkTxvCwXrHjahnzCgHWWZlWBY5k_wy9cePNt0Q1ay_g==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 9CE3 0
103 B 48ms
48ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNTU5ZTQ2NzItM2I3Ni00MmY0LWE2NmMtMWJhNTkyNDNkNGZlIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=559e4672-3b76-42f4-a66c-1ba59243d4fe&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/user?i=g9vsltglsvoa0vgwp5ks&a=6c1616b5757db858d8a4e6662b24747d9&cb=2552971614518654869
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame A891 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 00:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 46451
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 00:30:05 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F312 35 B
457 B 45ms
44ms Other
image/gif 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=39656147&csi=QWjdceR8QVmKNzm8lMQUMLYTbeP_fg4fN_J2YztaXVLrygPkIxxfk__kxH-JkBEM-ChMiBieAU33_qpwsGYmsycs4ODdxxAu0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 40391365.jpg
s1.adform.net/Banners/40391365/ Frame F312 11 KB
11 KB 41ms
41ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/40391365/40391365.jpg?bv=4

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

050d7b57c18d28dff9fa64cdae1f24c58f9087e8f0aad47ec5c9f9d58d2cf1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
last-modified: Tue, 08 Sep 2020 12:41:23 GMT
server: nginx
etag: "5f577bf3-2be2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 11234

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
https://ce.lijit.com/merge?pid=12&3pid=6864390710533493707&gdpr=0&gdpr_consent=

43 B
1 KB

1335ms
43ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=12&3pid=6864390710533493707&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:16 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: 2165e597-b8c0-4fe7-b4d1-67f08f20d712
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ce.lijit.com/merge?pid=12&3pid=6864390710533493707&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv

43 B
1 KB

1333ms
47ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=23&3pid=CAESEAUBS8vv0ym1l5wntvPCgY4&google_cver=1&gdpr=0&gdpr_consent=

43 B
1 KB

1300ms
43ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=23&3pid=CAESEAUBS8vv0ym1l5wntvPCgY4&google_cver=1&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:15 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ce.lijit.com/merge?pid=23&3pid=CAESEAUBS8vv0ym1l5wntvPCgY4&google_cver=1&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=dc1eca1c-1283-4e16-a00f-710046b06d0b
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=dc1eca1c-1283-4e16-a00f-710046b06d0b
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=05c43fba-db86-4b33-a0ab-6cdac5c21ab9&user_group=1&ssp=fmx&bsw_param=dc1eca1c-1283-4e16-a00f-710046b06d0b
https://ce.lijit.com/merge?pid=26&3pid=dc1eca1c-1283-4e16-a00f-710046b06d0b

43 B
2 KB

142ms
47ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=dc1eca1c-1283-4e16-a00f-710046b06d0b
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=26&3pid=dc1eca1c-1283-4e16-a00f-710046b06d0b
date: Sun, 28 Feb 2021 13:24:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=c9e0b350e7671f85da7288c5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=7999603b-9981-4300-a7c5-17430a88d31a&gdpr=0&gdpr_consent=

43 B
2 KB

251ms
44ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=7999603b-9981-4300-a7c5-17430a88d31a&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=7999603b-9981-4300-a7c5-17430a88d31a&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 13:24:16 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 41D8
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1

170 B
243 B

87ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1

Requested by

Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=c9e0b350e7671f85da7288c5&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f

43 B
4 KB

48ms
47ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 28 Feb 2021 13:24:19 GMT
server: Aorta/2.5.1-20201015.f4f5b76
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-19-244
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
4 KB

44ms
44ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:22 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597492892055810

43 B
4 KB

44ms
44ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597492892055810
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871597492892055810
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=1CUnyW6w5JlQ&ev=1&pid=558511&gdpr_consent=&gdpr=0

43 B
2 KB

239ms
49ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=1CUnyW6w5JlQ&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=1CUnyW6w5JlQ&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-q4ssx
expires: -1

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 41D8
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YzllMGIzNTBlNzY3MWY4NWRhNzI4OGM1
https://ap.lijit.com/dsp/google/reporting

43 B
567 B

55ms
55ms

Image
image/gif

216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 41D8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t

0
0

204ms
203ms

Image
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=y2ZG0FBNLjZ9vAp0tpBb&pi=sovrn&gdpr_consent=&gdpr=0&tc=1

43 B
4 KB

47ms
46ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=y2ZG0FBNLjZ9vAp0tpBb&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=y2ZG0FBNLjZ9vAp0tpBb&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT, Sun, 28 Feb 2021 13:24:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=83&3pid=KLP6PZFO-V-DG5Z&gdpr=0

43 B
4 KB

49ms
48ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=83&3pid=KLP6PZFO-V-DG5Z&gdpr=0
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ce.lijit.com/merge?pid=83&3pid=KLP6PZFO-V-DG5Z&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc535e5...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
https://ce.lijit.com/merge?pid=16&3pid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=

43 B
3 KB

45ms
45ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://ce.lijit.com/merge?pid=16&3pid=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://um.simpli.fi/lj_match?r=1614518655993&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=2&3pid=E7B1320711C14F3E9705E99B28255E27

43 B
3 KB

92ms
48ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E7B1320711C14F3E9705E99B28255E27
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 28 Feb 2021 13:24:17 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=E7B1320711C14F3E9705E99B28255E27
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 27 Feb 2021 13:24:17 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=0d26cd41-03e8-4c74-8132-57b5426fcd7c

43 B
3 KB

57ms
50ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=0d26cd41-03e8-4c74-8132-57b5426fcd7c
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=0d26cd41-03e8-4c74-8132-57b5426fcd7c
Date: Sun, 28 Feb 2021 13:24:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=80&3pid=KLP6PZFO-V-DG5Z&gdpr=0

43 B
3 KB

71ms
46ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=KLP6PZFO-V-DG5Z&gdpr=0
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ce.lijit.com/merge?pid=80&3pid=KLP6PZFO-V-DG5Z&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Expires: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 41D8 70 B
265 B 396ms
47ms Image
image/gif 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 41D8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AADFR07AdzMAABEXFzMSNA

43 B
3 KB

48ms
44ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AADFR07AdzMAABEXFzMSNA
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AADFR07AdzMAABEXFzMSNA
Date: Sun, 28 Feb 2021 13:24:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET tum
ums.acuityplatform.com/ Frame 41D8 0
0

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame C7F5 3 KB
1 KB 7220ms
61ms Document
text/html 63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6718ca46fe1689b5577292c138af3d2baec9dc6419358d2b42fc95e699fd0d1c

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4; Domain=.gumgum.com; Expires=Mon, 28-Feb-2022 13:24:23 GMT; Path=/; Secure; SameSite=None
etag: W/"00cabf0683cf928a1bb6462dd247f638c"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F19E 8 KB
3 KB 3115ms
28ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75206
Expires: Mon, 01 Mar 2021 10:17:45 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 626A
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=8968102175321445886&gdpr=0&gdpr_consent=

43 B
1 KB

74ms
46ms

Document
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=8968102175321445886&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=c9e0b350e7671f85da7288c5; ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255; ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=8968102175321445886;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:17 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=c9e0b350e7671f85da7288c5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:17 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255;Path=/;Domain=.lijit.com;Expires=Tue, 30-Mar-2021 13:24:17 GMT;Max-Age=2592000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=8968102175321445886; Domain=.turn.com; Expires=Fri, 27-Aug-2021 13:24:17 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=8968102175321445886&gdpr=0&gdpr_consent=
content-length: 0
date: Sun, 28 Feb 2021 13:24:16 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 598A 8 KB
3 KB 3122ms
32ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75206
Expires: Mon, 01 Mar 2021 10:17:45 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame A486 776 B
791 B 37ms
34ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 3f85ec824ffc14c8f7df43a5ce5e78451948e4bfbfbceb024d751e7f6e65d4c2

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=4014fede-5316-0084-1540-5f2713d73c25|1614518655
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gslbeacon.lijit.com/beacon?viewId=a_694893_30f1541cb73a4ae392b34ee7099e3ee7&rand=5169&informer=13406526&type=fpads&loc=https%3A%2F%2Fzaxid.net%2F&v=1.2

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=4014fede-5316-0084-1540-5f2713d73c25|1614518655; Version=1; Expires=Mon, 28-Feb-2022 13:24:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614518656|gekin0vNiygu; Version=1; Expires=Mon, 15-Mar-2021 13:24:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 28 Feb 2021 13:24:16 GMT
content-type: text/html
content-length: 479
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame F357 4 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ClwURu5%2FS5IauFIbPUPYmO0Lge4HMR5kmoUZNk6lGDa%2FMcPMzBEQrsYrdg7MxQY7Nzdyh6wSd1s7UhrrPk88l0%2BDxHIEVTMiJAgmWQYaK92oB3MBdFq3EIQYDNFfSiR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b47300004a6d54083000000001
cf-ray: 628a7700beca4a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame F357 143 B
384 B 71ms
70ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 674986ded8e749b4411f0be9d3077b76e95baf38b24875f377a04727418f2a10

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 143
x-amz-cf-id: 6V302jgE3yTxMoWocokV7UHSO46JiD-VyY23l40gq4tkDj_2Irxs7g==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 08A2 0
103 B 46ms
46ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZTUyZWFmZmUtODZmZC00OWMyLTgyYWUtMTEwMWNiZmJlYjAxIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=e52eaffe-86fd-49c2-82ae-1101cbfbeb01&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/stats?i=g9vsltglsvoa0vgwp5ks&a=f24b8cf45d5196da8b5e48ac28b67fc85&cb=1786961614518654862
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame B214 4 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700:3037::6815:334c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:334c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l6GaqF34ssPrAohfboPTbyhWN%2BFqjih8GwL6rPaw0HtDhtQ6jRp3lppY1ZPxSt26KTGOa8DMl0%2F8tGAfd30kOHiew04R8usYUzN2rGJFUeUbr4%2FqF4bXUDJwCLajuWnkRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 088a68b47c00004a6d6795c000000001
cf-ray: 628a7700cee24a6d-FRA

GET
H2 200 p.js Show response
ploxtar.com/ Frame B214 142 B
383 B 78ms
77ms Script
application/javascript 65.9.58.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ploxtar.com/p.js?i=qas877j4lq635rmodi
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8594&uref=https%3A%2F%2Fzaxid.net%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 095f46f5117e38fc1f307b53184622df5c07904318d784735fdc66c8768352ec

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-length: 142
x-amz-cf-id: RcjMns5nx4fK0tM5MB6Eig7wWfWrYSZvNA9f1o0gTybnlS6VacYcCw==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame 7E6E 0
103 B 49ms
49ms Image
text/plain 34.247.206.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZjJiZmU3ZDQtMDQwYy00Y2ZiLWFhZDMtZjE3NjVlMzNkNDYwIiwiaG9zdG5hbWUiOiJpbnRlbGF4YS5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlJVQklDT04ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=f2bfe7d4-040c-4cfb-aad3-f1765e33d460&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.206.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-206-41.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intelaxa.com/send?i=g9vsltglsvoa0vgwp5ks&a=341122bd67a1d694682b9913675e97ee9&cb=9154691614518654870
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 28 Feb 2021 13:24:16 GMT
Server: nginx

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame A486 43 B
1 KB 1328ms
45ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=ff561f47-1025-057e-082a-21690f41308a&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A486
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dd52603b-9980-4400-a605-aaee7e5567b3

43 B
106 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dd52603b-9980-4400-a605-aaee7e5567b3
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dd52603b-9980-4400-a605-aaee7e5567b3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 13:24:16 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A486
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=85K8cvybtyDok7wjoJSiI_LB6ijolbono8NPwHxt

43 B
122 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=85K8cvybtyDok7wjoJSiI_LB6ijolbono8NPwHxt
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=85K8cvybtyDok7wjoJSiI_LB6ijolbono8NPwHxt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A486
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8405308105229877284

43 B
106 B

50ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8405308105229877284
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8405308105229877284
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A486 70 B
264 B 4415ms
81ms Image
image/gif 52.16.108.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=93b8c187-fa91-3f73-4f96-97cf77f00fd8&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame A486 170 B
232 B 68ms
34ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmZkNzEyNGQtMzNlNi02MWQ3LTVhNzYtY2Q3NmJkMTJjMWI4

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A486
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEACrhT1GjkZ2kQEQsT6nNG0&google_cver=1

43 B
106 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEACrhT1GjkZ2kQEQsT6nNG0&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEACrhT1GjkZ2kQEQsT6nNG0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 569E 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1419397294024454&bg=!eXqlejnNAAXB_3NtwTsAKQB2-Dxa3258m4ViaYYn2k6VPwiZZlohXs9uYkCdJmLi0L-FXBm7XDtXAgAAAIRSAAAAD2gBBwoAyWYsxu7sixXefGohKBU8L1Mt2JQnWQ2oXx5J6_W4aQUVjuBXs0Ed6nEuz1GubylqU-XwAcs3EDxCxagkJiCiQx2V4AQSrPnguYQ9ExmYz6tfNQzp203pcpoETn9N8KBpyTdcUuAge2XL9zIJugHXnDuXuw7z_fWnSz-pR_WzbmABbU5nHYB4etKgM6HXs2qAh1Tg1mlpJfhd5P5VkERJh2kQI_aBKQfkkXdIB3hiUl5x_mV53BgU6wDaHeYNm01a2iQAtxn-X8JgF5kB_tUP0ybfxJ-Z6jUKp0-WWh0g__EW2bQ0XrbpsG-VAy-CUg4W3Xuti3TXgbWI6vV1uaSsa1mnkUSzi-_Ox5Xi1gOpTdUIh56olp9eGEK4EKB_J8JRgTy5O9TtS0Ll4tNsYzv8wSVp9Nq5ixE3_PJ7mt6JQs3sBdL46ihZQnLfpFL-XbZI6TunxXPrbzIDM6OBGYymmAEC3zjJVsUDp4UKkUtM-gs-_hSw9Of6cusiim9aFaqAS_qpsaKbx1dPJl3Z15gJQwc5jqzYq5u0jK_lpud4Sy9cO_Vgc0Z7OWZURsFHk837nSyo_n5oqJNpAQRktOFo1DLDRkIvpq3oUAC289ZoCRD14qb8a9if-Ang8WtvXcRrGjniqJd0dOPiU7fg5cZgcp3ckTUcqtYi_fS4naJlf_DHp2AqBC1vzFqA097bvUZtkrkjCvKdbbVAnSLRUaKHATPuYDOCMPSHepWzq1uNPOD-T7olxVSfXc8fzOwRLm7hggg7b40zo4rz6uU3CRXLaE2xKbgY6FmIhkwHbSsNhl9yiFYhDnR2HVDQtudJMYdaiJWas0KI6uOa3NGM9eh9Bn5odnDadGwR_34KnuD3LSn7tgCZgnEFHtMLP6FrDMEKTxdTz3uLzu4rKguLjhWmXIxSuixg-y8KDt34ZAMl-ZtirhvoWV25m7uebg

Requested by

Host: zaxid.net
URL: https://zaxid.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
pxdrop.lijit.com/a/ Frame 4804 2 KB
1 KB 34ms
34ms Document
text/html 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=intelaxa.com&GDPR_v2=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 9260126dce8b9fd60aac45eb53913072a1184a936907db6518aa8bc22b49640d

Request headers

Host: pxdrop.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=c9e0b350e7671f85da7288c5; ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255; ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866

Response headers

Content-Length: 1103
Cache-Control: max-age=604800
Expires: Sun, 07 Mar 2021 13:24:16 GMT
Date: Sun, 28 Feb 2021 13:24:16 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
pxdrop.lijit.com/a/ Frame 5124 2 KB
1 KB 67ms
33ms Document
text/html 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=intelaxa.com&GDPR_v2=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 9260126dce8b9fd60aac45eb53913072a1184a936907db6518aa8bc22b49640d

Request headers

Host: pxdrop.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=c9e0b350e7671f85da7288c5; ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255; ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866

Response headers

Content-Length: 1103
Cache-Control: max-age=604800
Expires: Sun, 07 Mar 2021 13:24:16 GMT
Date: Sun, 28 Feb 2021 13:24:16 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
pxdrop.lijit.com/1.457.182/a/CH/ Frame C743 17 KB
8 KB 56ms
34ms Script
text/javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1.457.182/a/CH/t_.js?cid=c026
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3ecb14e1d291633d0f81df4f1d0acb6d282463e0ceba698f4db8afa3c8ee00d

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: max-age=604800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 7951
Expires: Sun, 07 Mar 2021 13:24:16 GMT

GET
H/1.1 200
OK t_.js Show response
pxdrop.lijit.com/1.457.182/a/CH/ Frame B9BB 17 KB
8 KB 58ms
33ms Script
text/javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1.457.182/a/CH/t_.js?cid=c026
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3ecb14e1d291633d0f81df4f1d0acb6d282463e0ceba698f4db8afa3c8ee00d

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: max-age=604800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 7951
Expires: Sun, 07 Mar 2021 13:24:16 GMT

GET
H/1.1 200
OK empty.js Show response
aqfer.lijit.com/samples/ Frame 7724 16 B
260 B 112ms
35ms Script
application/x-javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aqfer.lijit.com/samples/empty.js
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Cache-Control: max-age=604800
Expires: Sun, 07 Mar 2021 13:24:16 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 16
Content-Type: application/x-javascript

GET
H/1.1 200
OK empty.js Show response
aqfer.lijit.com/samples/ Frame ED1B 16 B
260 B 153ms
42ms Script
application/x-javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aqfer.lijit.com/samples/empty.js
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Cache-Control: max-age=604800
Expires: Sun, 07 Mar 2021 13:24:16 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 16
Content-Type: application/x-javascript

GET
H/1.1 200
OK empty.js Show response
aqfer.lijit.com/samples/ Frame 54CE 16 B
260 B 161ms
34ms Script
application/x-javascript 104.111.248.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aqfer.lijit.com/samples/empty.js
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:16 GMT
Cache-Control: max-age=604800
Expires: Sun, 07 Mar 2021 13:24:16 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 16
Content-Type: application/x-javascript

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame 1A6A
Redirect Chain

https://spl.zeotap.com/?zdid=678&env=mWeb&eventType=pageview&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&gdpr=1&gdpr_consent=undefined
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d...

170 B
201 B

42ms
41ms

Document
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d4-caf2-4af4-7c7a-afa926c039c8&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&zdid=678

Requested by

Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d4-caf2-4af4-7c7a-afa926c039c8&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&zdid=678
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwQ2aR4hKUIMcSw75OmuRzzfCKwSmYATqVKMm0eOLaN1F9eP9-bkFcuNYsycs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026

Response headers

content-type: image/png
date: Sun, 28 Feb 2021 13:24:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Sun, 28 Feb 2021 13:24:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9b4d6359791f394b84cd039ea305fbba1614518656; expires=Tue, 30-Mar-21 13:24:16 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=f1ddc1ec-a304-4942-52b3-a905725e5743; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%04%3C%D5%7D%91%F8%AB%5E%0CG%09%9Bs%DD%22%BE%0D%95%8B%08%DE%C4%19%3A%EB%5E%FB%11%04%7B%C0%88y4%F5jP%B1%7BS%90%F4%B7%DE%D6%D4%82%F2%7B%7D%3C%9B%9B%BBhY%88%AB%85%FBg%A2%06%B6%0D%C5%BA%87%EB%A5%3C%1F%1F9%5B%FC%C2%26%1F%9A%06%E7%B8; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://pxdrop.lijit.com
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&gdpr=1&gdpr_consent=undefined&id_mid_4=f1ddc1ec-a304-4942-52b3-a905725e5743&reqId=e18542d4-caf2-4af4-7c7a-afa926c039c8&zcluid=c9e0b350e7671f85da7288c5&zctry=CH&zdid=678
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 088a68b64600002c4e07ae9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 628a7703a92e2c4e-FRA

GET
H2

204

collect
dx.frontend.weborama.com/ Frame ED1B
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined
https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined&bounce=1&random=2268080300
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D&gdpr=1&gdpr_consent=undefined
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=72CbGVY55ZPv&gdpr=1&gdpr_consent=undefined

0
123 B

32ms
32ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=72CbGVY55ZPv&gdpr=1&gdpr_consent=undefined
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
last-modified: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
last-modified: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=72CbGVY55ZPv&gdpr=1&gdpr_consent=undefined
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

collect
dx.frontend.weborama.com/ Frame 54CE
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined
https://dx.frontend.weborama.com/collect?dsp_id=5&eid=c9e0b350e7671f85da7288c5&gdpr=1&gdpr_consent=undefined&bounce=1&random=3222225997
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D&gdpr=1&gdpr_consent=undefined
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LfcPQHM6as0t&gdpr=1&gdpr_consent=undefined

0
123 B

32ms
32ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LfcPQHM6as0t&gdpr=1&gdpr_consent=undefined
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/usync?i=g9vsltglsvoa0vgwp5ks&a=06c2e30fdd877c9c9f364d00462684f57&cb=5436401614518654866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.457.182&cid=c026
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
last-modified: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:16 GMT
via: 1.1 google
last-modified: Sun, 28 Feb 2021 13:24:16 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LfcPQHM6as0t&gdpr=1&gdpr_consent=undefined
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

Cookie set de
www.post.ch/ Frame 6EFD
Redirect Chain

https://cct.connects.ch/tpv.php?t=116404V1571145373M
https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1
https://tracking.adtracker.ch/link/red/l/Mzg2?lea_source=2021022814241845845090963X116404V1571145373M&utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects
https://www.post.ch/?lea_source=2021022814241845845090963X116404V1571145373M
https://www.post.ch/de?lea_source=2021022814241845845090963X116404V1571145373M

0
0

126ms
124ms

Document
text/html

2a00:17c8:0:103::20a
CH-POSTNETZ Post ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post.ch/de?lea_source=2021022814241845845090963X116404V1571145373M

Requested by

Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=40391365&campaign_id=1589447

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a00:17c8:0:103::20a Liebefeld, Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),

Reverse DNS

Software

Delivery1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pnet.ch .post.ch .becompany.ch .signdemo.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.post.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

Date: Sun, 28 Feb 2021 13:01:51 GMT
Server: Delivery1
Strict-Transport-Security: max-age=31536000
Set-Cookie: ittrksessid=d419a01b.5bc656b367f36;HttpOnly;Secure; path=/
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: max-age=1800
Content-Type: text/html; charset=utf-8
Expires: Sun, 28 Feb 2021 13:31:51 GMT
Content-Security-Policy: frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Age: 1348
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18721
Keep-Alive: timeout=5
Connection: Keep-Alive

Redirect headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Location: https://www.post.ch/de?lea_source=2021022814241845845090963X116404V1571145373M
Content-Length: 286
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 index.html Show response
campaigns.cembra.ch/campaigns/de/connects/ Frame 7578 426 B
1 KB 47ms
20ms Document
text/html 2a01:ab20:0:203::1:245
CYON

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=40391365&campaign_id=1589447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: 913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method: GET
:authority: campaigns.cembra.ch
:scheme: https
:path: /campaigns/de/connects/index.html?ap=116404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

set-cookie: PHPSESSID=6aa11730a40d10b8e03c941f271fee17; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp1=Q0VNQlRDOTlBRkZHMDAwMDE5NjYwMTQ5MDA0NjAwMDAwMDAwMDA0NzAwMDAwMDAwMDAxMDE2MTQ1MTg2NTcwMGNvbm5lY3RzMDAyY2VhZWNjOWVmN2I2ZjhmZWZkNTM4MmQwODVkZjFjYQ%3D%3D; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv1=connects; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp1_e=MTYxNDUxODY1N2FmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
content-length: 301
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Feb 2021 13:24:17 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 index.html Show response
campaigns.cembra.ch/campaigns/de/cumulusmc_pv/ Frame 73AD 426 B
865 B 47ms
20ms Document
text/html 2a01:ab20:0:203::1:245
CYON

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=40391365&campaign_id=1589447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: 913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method: GET
:authority: campaigns.cembra.ch
:scheme: https
:path: /campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

set-cookie: PHPSESSID=b9caf761f747d996e2129cc1672b0e51; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp2=Q0VNQlRDMjUxMDAwMDE0MDEwNTcwMTU4MDAxMzAwMDAwMDAwMDAxMDAwMDAwMDAwMDA4MzE2MTQ1MTg2NTcwMGNvbm5lY3RzMDAwNzUxYWZmMWYxOWJjNGRiYWQ2MzllNzg2NmIxOWZjZQ%3D%3D; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv2=connects; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp2_e=MTYxNDUxODY1N2FmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Tue, 30-Mar-2021 13:24:17 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
content-length: 301
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Feb 2021 13:24:17 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 33BF 291 B
559 B 92ms
31ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tjCFRUZWfOQd2r4f5PmnhQaqTCqCKieGkTxzCtz/GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERs6owWuEKlcU66TGfmMWV7/AA==; vis2=315172^1; ses2=; khaos=KLP6PZFO-V-DG5Z; audit=1|hLZGFuTafB3zQw54h+LDGHp4/TMPY9Xww0Ymo7k1keORRENd/ZEsV7uywULs4mkIJhsHlJbldDerp/BTJtNDSaZr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Feb 2021 13:24:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 33BF 31 KB
10 KB 47ms
47ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38290
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9308
Expires: Mon, 01 Mar 2021 00:02:27 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 33BF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xQNlBaRk8tVi1ERzVa

170 B
213 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xQNlBaRk8tVi1ERzVa

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xQNlBaRk8tVi1ERzVa
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 33BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTAwNDZjY2RmNzc0M2Y3YzYzYTBlMTMwMzdjOTY2Mzk3YjM4OGRjMA

170 B
190 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTAwNDZjY2RmNzc0M2Y3YzYzYTBlMTMwMzdjOTY2Mzk3YjM4OGRjMA

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTAwNDZjY2RmNzc0M2Y3YzYzYTBlMTMwMzdjOTY2Mzk3YjM4OGRjMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 33BF 70 B
265 B 3197ms
80ms Image
image/gif 52.16.108.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 33BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEExjhXSFNNT-PhsWZ_vGmV8&google_cver=1

42 B
678 B

99ms
25ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEExjhXSFNNT-PhsWZ_vGmV8&google_cver=1
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEExjhXSFNNT-PhsWZ_vGmV8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 709414.gif
id.rlcdn.com/ Frame 33BF 0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 33BF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDuZggAAAK1gHFZV
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDuZggAAAK1gHFZV&_test=YDuZggAAAK1gHFZV

42 B
678 B

26ms
25ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDuZggAAAK1gHFZV&_test=YDuZggAAAK1gHFZV
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614518659.555158,VS0,VE0
x-served-by: cache-fra19156-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDuZggAAAK1gHFZV&_test=YDuZggAAAK1gHFZV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 33BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/lUsQ9BYPxZdlmXKtkUoLaA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8913913027722238241

42 B
678 B

54ms
26ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8913913027722238241
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Sun, 28 Feb 2021 13:24:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8913913027722238241
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 33BF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7de0603b-9981-4100-97f4-d7f9996da288

42 B
678 B

29ms
29ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7de0603b-9981-4100-97f4-d7f9996da288
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Date: Sun, 28 Feb 2021 13:24:17 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7de0603b-9981-4100-97f4-d7f9996da288
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 13:24:16 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame F312 35 B
466 B 43ms
43ms Other
image/gif 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8405308105229877284@@39656147,3507541921140877107,100|1101|0|0|0|0|0|0|0||38|1|31|072f534072bcdc8160bb7737c1a7e5e3c9d05279_1|||1|0|0|4mLYcqF8clBcPlakbYq96XCAEL9m8lsPXVNv9AjZFuvLzjnSTIGw-cyz8d6D7jvo0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame F312 35 B
294 B 43ms
43ms Image
image/gif 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=39656147&event=178&time=2&baid=40391365&name=Viewable%20impressions&imprid=3507541921140877107&icid=8405308105229877284&eData=QWjdceR8QVk6cz1p2Gsj2FIlj0leblS74fn4X_ACi5iJwqOfX53-NNFWb4A2I0__KBWbmvuGmq1I_v4ebamRCg2&rtbdata=BU3e4SiRjQsQadOvFWhmf4zNi7adpM36odJHfjso6stebTG7sIFoEPK1PcYbFMOexACF2t0J_X53kOO0KuKqEaj76eGaEq4sVoNGea-fY7VRbHG75jX5OkxSxgeOJRI-ikSyMY6XAlzJPXpFOZZcG2a0S7aetQnPHyS0NlKv2z5Qdz3QTj7d-wnjYrKe0aynjq0tk4pSVLdgq0bDMtd9Zjb_119wm4vvp_sx9R6kupzhQW6FXjSrzw2&rtbwp=737EC2967AFB16C2&rnd=917801091

Requested by

Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 34B5 52 KB
17 KB 340ms
26ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI2KZEEAoYASABKAEwgLPugQY4AUABSAEQgLPugQYYAA..; uuid2=6864390710533493707
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 28 Feb 2021 13:24:18 GMT
Age: 27225
X-Served-By: cache-lga21945-LGA, cache-hhn4052-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 369730
X-Timer: S1614518659.728622,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame D609 498 B
631 B 34ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: cad478f098c274fc1e071ad07befda0e91a7067160d72b01be7380bf7e977a6b

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=4014fede-5316-0084-1540-5f2713d73c25|1614518655; pd=v2|1614518656|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=4014fede-5316-0084-1540-5f2713d73c25|1614518655; Version=1; Expires=Mon, 28-Feb-2022 13:24:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614518656.2|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Mon, 15-Mar-2021 13:24:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 28 Feb 2021 13:24:18 GMT
content-type: text/html
content-length: 316
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F0FD 291 B
559 B 42ms
42ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tjCFRUZWfOQd2r4f5PmnhQaqTCqCKieGkTxzCtz/GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERs6owWuEKlcU66TGfmMWV7/AA==; vis2=315172^1; ses2=; khaos=KLP6PZFO-V-DG5Z; pux=1512%3D97838%262249%3D97838%262307%3D97838%262974%3D97838%263778%3D97838%26goog%3D97838%262249-DV360-Hosted%3D97838%26idl%3D97838%26; audit=1|hLZGFuTafB3zQw54h+LDGHp4/TMPY9Xww0Ymo7k1keMJlvZ9vhV4/nWJb8lyrTWxTftNdWV0BMcK2yMHxwu6l7KpUjWTmmg0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Feb 2021 13:24:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 17EF 37 KB
14 KB 810ms
31ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137579
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D609
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=

43 B
106 B

33ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 28 Feb 2021 13:24:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame D609
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=TO5Lu1MXhl2p4tt4pOk1Yg==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

35ms
34ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: vo3cqn9l75e6f3m3tffoqqg4mggfvtb0

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 077fa7c3-6a3d-ad3a-7e41-813a88a7c291
pr-bh.ybp.yahoo.com/sync/openx/ Frame D609 43 B
838 B 105ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/077fa7c3-6a3d-ad3a-7e41-813a88a7c291?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D609
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2ofcLqOd1Lgm3z5

43 B
106 B

36ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2ofcLqOd1Lgm3z5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:21 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:20 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2ofcLqOd1Lgm3z5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D609
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://x.bidswitch.net/sync?dsp_id=59&user_id=a15623fd-8b62-4c30-83dc-13adfd034468&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=dc1eca1c-1283-4e16-a00f-710046b06d0b

43 B
106 B

36ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=dc1eca1c-1283-4e16-a00f-710046b06d0b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=dc1eca1c-1283-4e16-a00f-710046b06d0b
date: Sun, 28 Feb 2021 13:24:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D609
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHd0hVN0Fkek1BQUJIUkJ1cWFOdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGwHU7AdzMAABHRBuqaNw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7747237351274062879
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGwHU7AdzMAABHRBuqaNw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7747237351274062879%26bee_sync_partners%3Dox%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=7747237351274062879&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGwHU7AdzMAABHRBuqaNw&pid=558502&d...
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGwHU7AdzMAABHRBuqaNw

43 B
106 B

35ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGwHU7AdzMAABHRBuqaNw
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:21 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGwHU7AdzMAABHRBuqaNw
Date: Sun, 28 Feb 2021 13:24:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F0FD 31 KB
10 KB 39ms
38ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38289
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9308
Expires: Mon, 01 Mar 2021 00:02:27 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 34B5 0
749 B 38ms
38ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:18 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: e0bb983e-50a0-4903-971f-6149e988b805
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame CE30 80 KB
26 KB 89ms
40ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 13:24:19 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9F53 37 KB
14 KB 34ms
32ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137579
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame FA2F 37 KB
14 KB 40ms
40ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137579
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 17EF 8 KB
9 KB 94ms
31ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6b14f6fa2f7a11addb79dbdfaf96db131b82d226b2320fc9560813ed66891466

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:18 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame E8FC 24 B
329 B 126ms
30ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 21:09:16 GMT
Cache-Control: private
Expires: Wed, 10 Mar 2021 12:39:14 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 24
Content-Type: text/html; charset=UTF-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C662 0
150 B 41ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=zaxid.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=zaxid.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1306
date: Sun, 28 Feb 2021 13:24:19 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame CE30 80 KB
26 KB 68ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 13:24:19 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 66E6 43 B
284 B 362ms
37ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 28 Feb 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1405
date: Sun, 28 Feb 2021 13:24:19 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 5CC5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6702532818025395296

42 B
973 B

38ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6702532818025395296
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662; KRTBCOOKIE_1101=23040-6934304852086749328; KRTBCOOKIE_409=22966-aNTgkuyUQdnesIdpkRRzWZKk&KRTB&23212-aNTgkuyUQdnesIdpkRRzWZKk; PugT=1614518662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Sun, 28 Feb 2021 13:24:21 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-6702532818025395296; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PugT=1614518661; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/
X-lat: Pug23031:0:324
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6702532818025395296
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame FAED
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERlIwN0Fkek1BQUJFWEZ6TVNOQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGwHU7AdzMAABHRBuqaNw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7747237351274062879
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGwHU7AdzMAABHRBuqaNw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7747237351274062879%26bee_sync_partners%3Dpm%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=7747237351274062879&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGwHU7AdzMAABHRBuqaNw&pid=558502&d...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw

42 B
773 B

709ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:20 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:20 GMT; path=/ PugT=1614518660; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:20 GMT; path=/
X-lat: lhrpug005:0:540
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGwHU7AdzMAABHRBuqaNw
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame EB1A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934304852086749328

42 B
975 B

39ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934304852086749328
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Sun, 28 Feb 2021 13:24:21 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_1101=23040-6934304852086749328; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PugT=1614518661; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/
X-lat: Pug23050:0:312
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6934304852086749328; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934304852086749328

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame FE42
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aNTgkuyUQdnesIdpkRRzWZKk

42 B
811 B

38ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aNTgkuyUQdnesIdpkRRzWZKk
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:22 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-aNTgkuyUQdnesIdpkRRzWZKk&KRTB&23212-aNTgkuyUQdnesIdpkRRzWZKk; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:22 GMT; path=/ PugT=1614518662; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:22 GMT; path=/
X-lat: lhrpug001:0:472
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sun, 28 Feb 2021 13:24:22 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=aNTgkuyUQdnesIdpkRRzWZKk; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aNTgkuyUQdnesIdpkRRzWZKk
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame AF33
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

42 B
979 B

39ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662; KRTBCOOKIE_1101=23040-6934304852086749328; KRTBCOOKIE_409=22966-aNTgkuyUQdnesIdpkRRzWZKk&KRTB&23212-aNTgkuyUQdnesIdpkRRzWZKk; PugT=1614518662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Sun, 28 Feb 2021 13:24:21 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/ PugT=1614518661; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/
X-lat: Pug23036:0:370
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

Server: Tengine
Date: Sun, 28 Feb 2021 13:24:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag: OPTOUT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 1B85 43 B
408 B 130ms
43ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 08EA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
447 B

196ms
192ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=ainoeUt3ern6AxvVDR84caXHbA3d25FrLHKdPKpE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=dd69fe83cce5bf26569b3f3c89d52ccce1614518659; expires=Tue, 30-Mar-21 13:24:19 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aKnseFxNeThBeZdwQMhEvL06V34xm875i24ubnWVqT6mGU2PbykoxkbsLZamuBZdYJGGvZcZdnZbM66PP0bdiWZbnDF; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 13:24:19 GMT; SameSite=None; Secure; ANON_ID_old=aKnseFxNeThBeZdwQMhEvL06V34xm875i24ubnWVqT6mGU2PbykoxkbsLZamuBZdYJGGvZcZdnZbM66PP0bdiWZbnDF; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 13:24:19 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 088a68c1fb00004e976a38e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 628a77165ebf4e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 28 Feb 2021 13:24:19 GMT
content-type: text/html
set-cookie: __cfduid=dd69fe83cce5bf26569b3f3c89d52ccce1614518659; expires=Tue, 30-Mar-21 13:24:19 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=ainoeUt3ern6AxvVDR84caXHbA3d25FrLHKdPKpE; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 13:24:19 GMT; SameSite=None; Secure; ANON_ID_old=ainoeUt3ern6AxvVDR84caXHbA3d25FrLHKdPKpE; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 13:24:19 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 3288
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 088a68c12f00004e9744b83000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 628a77151ca14e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 149C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1CUnyW6w5JlQ&pid=557219

1 B
463 B

1193ms
40ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1CUnyW6w5JlQ&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:20 GMT; path=/
X-lat: lhrpug014:0:836
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-75d6d6d469-q4ssx
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=1CUnyW6w5JlQ;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 23-Feb-2022 13:24:19 GMT;Max-Age=31104000;SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1CUnyW6w5JlQ&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame BF74
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
54 B

34ms
33ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server: nginx
accept-ranges: bytes
date: Sun, 28 Feb 2021 13:24:22 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614518663.559744,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 28-Feb-2022 13:24:22 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=83ce8467-3296-460a-8fea-5429591f952b-tuct7351f06&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sun, 28 Feb 2021 13:24:22 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614518662.480537,VS0,VE53
x-vcl-time-ms: 53
content-length: 0

GET
H2

200

receive Show response
pixel.tapad.com/idsync/ex/ Frame 6166
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

95 B
165 B

35ms
35ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1614518658095; TapAd_DID=427eabf2-79c8-11eb-bea7-027dc9ca60cc; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date: Sun, 28 Feb 2021 13:24:20 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

Date: Sun, 28 Feb 2021 13:24:18 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:18 GMT; path=/
X-lat: Pug23043:0:366
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Content-Length: 385
X-Cnection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame D36B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2wl0iO9Y1Lgm3z5&gdpr=0&gdpr_consent=

42 B
769 B

41ms
39ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2wl0iO9Y1Lgm3z5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95403655&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; PugT=1614518660; SPugT=1614518661
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:21 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/ PugT=1614518661; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 13:24:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:21 GMT; path=/
X-lat: lhrpug002:0:604
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sun, 28 Feb 2021 13:24:20 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2wl0iO9Y1Lgm3z5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=2wl0iO9Y1Lgm3z5; Domain=.w55c.net; Expires=Mon, 28-Mar-2022 13:24:21 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 30-Mar-2021 13:24:21 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 17EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EgIR97F9QJKWLqSw3_uPhQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

39ms
39ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=138484
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Tue, 02 Mar 2021 03:52:23 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 17EF 95 B
335 B 35ms
25ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=120211F7-B17D-4092-962E-A4B0DFFB8F85
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 628a7715199d2c4e-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 088a68c12c00002c4e462ba000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 17EF
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

67ms
66ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT
frontend-id: 11
location: /pubmatic/1/info2?sType=sync&sExtCookieId=120211F7-B17D-4092-962E-A4B0DFFB8F85&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=120211F7-B17D-4092-962E-A4B0DFFB8F85&addseg=31

7 B
147 B

117ms
39ms

Image
text/plain

185.64.190.106
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=120211F7-B17D-4092-962E-A4B0DFFB8F85&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:22 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sun, 28 Feb 2021 13:24:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=120211F7-B17D-4092-962E-A4B0DFFB8F85&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTIwMjExRjctQjE3RC00MDkyLTk2MkUtQTRCMERGRkI4Rjg1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
709 B

1237ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-lat: Pug23032:0:297
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECyadS5L-2CUzoKPhRaHZ1k&google_cver=1

42 B
1 KB

1275ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECyadS5L-2CUzoKPhRaHZ1k&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:20 GMT
X-lat: Pug23044:0:320
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECyadS5L-2CUzoKPhRaHZ1k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 17EF 43 B
409 B 38ms
28ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 27 Feb 2021 13:24:19 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ebe2308-d361-42d6-8318-e6a2b0792897

42 B
882 B

57ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ebe2308-d361-42d6-8318-e6a2b0792897
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:20 GMT
X-lat: lhrpug010:0:326
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ebe2308-d361-42d6-8318-e6a2b0792897
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8405308105229877284

42 B
974 B

1418ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8405308105229877284
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:18 GMT
X-lat: Pug23040:0:262
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8405308105229877284
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=

42 B
1 KB

1383ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:20 GMT
X-lat: Pug23024:0:313
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 13:24:18 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6864390710533493707&gdpr=0&gdpr_consent=

42 B
769 B

1310ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6864390710533493707&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:20 GMT
X-lat: lhrpug014:0:605
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: dd15b057-9f82-491b-8bcf-6988500d67d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6864390710533493707&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=120211F7-B17D-4092-962E-A4B0DFFB8F85&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LpjfIT91l2I7LE.iwj7XFr.KpNa8byc-&gdpr=0&gdpr_consent=

0
587 B

377ms
33ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LpjfIT91l2I7LE.iwj7XFr.KpNa8byc-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 28 Feb 2021 13:24:21 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sun, 28 Feb 2021 13:24:20 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LpjfIT91l2I7LE.iwj7XFr.KpNa8byc-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 120211F7-B17D-4092-962E-A4B0DFFB8F85
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 17EF 43 B
192 B 40ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/120211F7-B17D-4092-962E-A4B0DFFB8F85?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

sync
a.volvelle.tech/ Frame 17EF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=

1 B
931 B

1328ms
38ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-lat: Pug23045:0:245
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9040159769359373822&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 28 Feb 2021 13:24:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA

42 B
1 KB

1221ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-lat: Pug23030:0:295
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=

1 B
809 B

1359ms
39ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:20 GMT
X-lat: lhrpug015:0:425
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614518659.385212,VS0,VE0
x-served-by: cache-fra19156-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=

42 B
1004 B

1343ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-lat: Pug23046:0:286
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 17EF 0
104 B 98ms
64ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=120211F7-B17D-4092-962E-A4B0DFFB8F85&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d59cbe7-e707-4814-9380-66879489ac3b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
709 B

40ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d59cbe7-e707-4814-9380-66879489ac3b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-lat: Pug23039:0:292
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d59cbe7-e707-4814-9380-66879489ac3b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 28 Feb 2021 13:24:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET apn
ads.playground.xyz/usersync/ Frame 17EF 0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_01110cb2-6879-4a40-90ae-8a65dd433feb

42 B
790 B

38ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_01110cb2-6879-4a40-90ae-8a65dd433feb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:23 GMT
X-lat: lhrpug012:0:323
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_01110cb2-6879-4a40-90ae-8a65dd433feb
date: Sun, 28 Feb 2021 13:24:23 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E2B7 37 KB
14 KB 55ms
54ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137579
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4673 37 KB
14 KB 49ms
48ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137579
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame E8FC 2 KB
2 KB 488ms
121ms Script
text/html 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=667074&adId=2668709&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fzaxid.net%2F&inIframe=1&kadpageurl=zaxid.net&schain=SUPPLYCHAIN_GOES_HERE&operId=3&sec=1&kltstamp=2021-2-28%2014%3A24%3A19&timezone=1&screenResolution=1600x1200&ranreq=0.7972226841565497&pmUniAdId=0&gdpr=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7842e82ce0b1e30779002c23f7f7e6f6b19344b6b9ddf46b6e9fb02e0f0d7e64

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 34B5 0
748 B 54ms
52ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: 79c119bc-94fa-4ddb-be68-cae0d79263d9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame E8FC 7 KB
4 KB 40ms
39ms Script
application/javascript 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?id=18709869

Requested by

Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=667074&adId=2668709&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fzaxid.net%2F&inIframe=1&kadpageurl=zaxid.net&schain=SUPPLYCHAIN_GOES_HERE&operId=3&sec=1&kltstamp=2021-2-28%2014%3A24%3A19&timezone=1&screenResolution=1600x1200&ranreq=0.7972226841565497&pmUniAdId=0&gdpr=0&dspids=%7B%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2d7a88c68eba5ba1d8b5e78661e70e26a4572eab30955a0a2ef16c2a61a90f65

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d7455116-8192-40b2-bf55-2c31ef348683
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame E8FC 51 B
375 B 16ms
15ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18709869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 28 Feb 2021 13:24:19 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 2024
content-length: 169
expires: 60

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame E8FC 0
820 B 53ms
52ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1614518659&bdh=dvLX0xWKg8huBuiz3JhWlOpCKEc.&&bdref=https%3A%2F%2Fzaxid.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fzaxid.net%2F,https%3A%2F%2Fintelaxa.com%2Fcounter%3Fi%3Dg9vsltglsvoa0vgwp5ks%26a%3D9e4dc4e4db6d6d12d3921230059802003%26cb%3D7114211614518654871,https%3A%2F%2Fintelaxa.com%2Fcounter%3Fi%3Dg9vsltglsvoa0vgwp5ks%26a%3D9e4dc4e4db6d6d12d3921230059802003%26cb%3D7114211614518654871&&id=18709869

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18709869

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: a922353d-07ce-4e5a-bc25-365769fbe6d8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame 123B 0
124 B 97ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=667074&adId=2668709&adType=3&adServerId=165&kefact=0.100000&kaxefact=0.100000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1614518659&indirectAdId=2342932&adServerOptimizerId=1&ranreq=0.7972226841565497&kpbmtpfact=0.000000&dcId=3&tldId=60823901&passback=3&svr=ADS23004U&adsver=_3781111458&adsabzcid=0&ekefact=g5k7YHL7DABgNl4lt58yTHy_X8EfYa3wh20PB6W9IE7APMk-&ekaxefact=g5k7YI37DADOOhw1hsD618fUCkEwh5ExlfMiczWEdpWPsJ9w&ekpbmtpfact=g5k7YKb7DADmyFSyXbNY-w8NVZ7rBhmWo4-DpZt8GLDfY0c0&enpp=g5k7YMf7DAA1_K1icIuLlQhO4QOcC76dItN84eVvWcPWrMZw&pfi=1&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=6DD3FBC6-CD4D-4852-B83C-B84FFAA0D046&oid=6DD3FBC6-CD4D-4852-B83C-B84FFAA0D046&cntryId=45&domain=zaxid.net&pageURL=zaxid.net&sec=1&pAuSt=2
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35; PUBMDCID=3; pp=155495; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871

Response headers

Content-Type: text/html
Content-Length: 0
Date: Sun, 28 Feb 2021 13:24:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9872 37 KB
14 KB 95ms
94ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35; PUBMDCID=3; pp=155495; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137614
Expires: Tue, 02 Mar 2021 03:37:54 GMT
Date: Sun, 28 Feb 2021 13:24:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 request Show response
track.adtrue.com/track/ Frame 92C5 662 B
756 B 615ms
203ms Document
text/html 54.69.220.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
Requested by: Host: intelaxa.com
URL: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.220.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-220-219.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2610fe2184436d61ecf9b0e225eb7aad9b3adceecd49cb9f7494786322be2c0d

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=9e4dc4e4db6d6d12d3921230059802003&cb=7114211614518654871

Response headers

date: Sun, 28 Feb 2021 13:24:20 GMT
content-type: text/html
content-length: 662
server: nginx
x-host-name: java4

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 92C5 79 KB
31 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Requested by

Host: track.adtrue.com
URL: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b85debdbbca358adaf9d180aa26a252a55fe7a09a1762975758c84176af20e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31620
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 13:24:20 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 92C5 137 KB
52 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ace40ecea297ce25a4d47627dd865df11e30c1fb7f3e5709db757010c66d7fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:24:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53661
x-xss-protection: 0
expires: Sun, 28 Feb 2021 13:24:20 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 92C5 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://track.adtrue.com/track/request?pzoneid=17670&domain=zaxid.net&ref=https%3A%2F%2Fzaxid.net%2F&loc=https%3A%2F%2Fzaxid.net%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5823
date: Sun, 28 Feb 2021 11:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 13:47:17 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame F312 35 B
466 B 44ms
44ms Other
image/gif 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8405308105229877284@@39656147,3507541921140877107,100|4700|0|0|0|0|0|0|0||160|1|31|072f534072bcdc8160bb7737c1a7e5e3c9d05279_1|||1|0|0|4mLYcqF8clBcPlakbYq96XCAEL9m8lsPXVNv9AjZFuvLzjnSTIGw-cyz8d6D7jvo0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intelaxa.com/counter?i=g9vsltglsvoa0vgwp5ks&a=aadb5e615090ea3f1d86c12057b8b8ca9&cb=6341631614518654867
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://intelaxa.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 17EF 0
587 B 130ms
32ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 28 Feb 2021 13:24:21 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 190ms
58ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=8773:time[url:%2F,device:desktop,user_id:37616c4ba.7894a39f7_1614518651770,cdn_version:12]&s=3d1e0f336edd434230bc60c414b96895&1614518661803
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/fAlBsBTbbN7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zaxid.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9F53 37 KB
14 KB 33ms
32ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; SPugT=1614518661; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137612
Expires: Tue, 02 Mar 2021 03:37:54 GMT
Date: Sun, 28 Feb 2021 13:24:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame FA2F 37 KB
14 KB 40ms
40ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1615680000%3A88_21_13_204_220_166_55_3_56_8_81_176_189_161_71_222_78_5_223_165_22_54_7_99%7C1615075200%3A2_67_15%7C1617062400%3A203%7C1615334400%3A63%7C1615766400%3A35; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; SPugT=1614518661; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137576
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9F53 1 KB
2 KB 31ms
30ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78216378&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 19665901d0671188f583b41dd36eeab442915cddee8d3d53e432b693aced566d

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 21:09:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 1234
Content-Type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame D71E 35 B
333 B 43ms
43ms Document
image/gif 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=120211F7-B17D-4092-962E-A4B0DFFB8F85

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78216378&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=120211F7-B17D-4092-962E-A4B0DFFB8F85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=8405308105229877284; TPC=1614518655897
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server: nginx
date: Sun, 28 Feb 2021 13:24:22 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=8405308105229877284; expires=Thu, 29 Apr 2021 13:24:22 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 79A4
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E7B1320711C14F3E9705E99B28255E27

1 B
667 B

39ms
38ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E7B1320711C14F3E9705E99B28255E27
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78216378&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; SPugT=1614518661; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; pi=137711:4; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Sun, 28 Feb 2021 13:24:22 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 13:24:22 GMT; path=/
X-lat: Pug23024:0:282
Content-Length: 1
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: text/html; charset=utf-8

Redirect headers

server: nginx
date: Sun, 28 Feb 2021 13:24:22 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E7B1320711C14F3E9705E99B28255E27
expires: Sat, 27 Feb 2021 13:24:22 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK Cookie set merge Show response
ce.lijit.com/ Frame E202 43 B
4 KB 49ms
48ms Document
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=58&3pid=120211F7-B17D-4092-962E-A4B0DFFB8F85
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=c9e0b350e7671f85da7288c5; ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255; ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D; _ljtrtb_1=8968102175321445886; _ljtrtb_43=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv; _ljtrtb_76=ff561f47-1025-057e-082a-21690f41308a; _ljtrtb_23=CAESEAUBS8vv0ym1l5wntvPCgY4; _ljtrtb_5001=eaf3f73921f9bbb4251d47d8b56d02d4; _ljtrtb_12=6864390710533493707; _ljtrtb_49=1CUnyW6w5JlQ; _ljtrtb_3=7999603b-9981-4300-a7c5-17430a88d31a; _ljtrtb_26=dc1eca1c-1283-4e16-a00f-710046b06d0b; _ljtrtb_2=E7B1320711C14F3E9705E99B28255E27; _ljtrtb_87=0d26cd41-03e8-4c74-8132-57b5426fcd7c; _ljtrtb_16=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; _ljtrtb_80=KLP6PZFO-V-DG5Z; _ljtrtb_85=AADFR07AdzMAABEXFzMSNA; _ljtrtb_84=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f; _ljtrtb_86=y2ZG0FBNLjZ9vAp0tpBb; ljtrtb=eJwtkFtPHDEMhf%2FLPDeSndi58JZZZpBYoFtWy9J9qXKZIKEBbREdNFT9702qPiWyP%2Fv4nN8dyu6i01aTcmAQWClyyoDpvnRS1dbGD%2FvBH%2Fq9XRZYX3Dmj9f3Zbd5%2Bk4VYQCs0BSKKkY5icXFGEkyZjLZRtYZZG6k1JXLCacUMAmUVgmaUIsAUEQVBtIRKh0ri41NrHjiSQqdQxFECYTVZhIpy%2BKAXDCFhAYVnbMoSJGtk%2BTqJG4Or%2BtRf%2FD1%2FK1tqyXrtEWQaFhJJGJrdbupdgbTo5LVOm6QRjU4Azw410srmQfZcmgxGOdcExP%2F1QBEMIkFmvoP1maFoaIWKru92endafwqHsTlFZ9amZqhCxWSjJmSibJwNMGEWF%2BwMcSYnSmN5Ep6fzneg%2FH589b7fngcP2%2F3d751WzCrPF3B2N%2FdPJ%2Fc4s%2Fwfu5baNTOfNHzoef90yMe%2Fc%2Fx%2Frhu3fbh%2FKb9LP3bfL1ffzzP6%2FbXUnnTdpXCGgsZUcNhAVzzBSuDkKgdFEIF9p8tU1nIUqdMKEBNVlQXJGyNTrCJTFKXlE3q%2FvwFKqaUFA%3D%3D; _ljtrtb_83=KLP6PZFO-V-DG5Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 13:24:22 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_80=KLP6PZFO-V-DG5Z;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_5001=eaf3f73921f9bbb4251d47d8b56d02d4;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_26=dc1eca1c-1283-4e16-a00f-710046b06d0b;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=1CUnyW6w5JlQ;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_83=KLP6PZFO-V-DG5Z;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=7999603b-9981-4300-a7c5-17430a88d31a;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_84=c:3ac2bd4c7b2f5b7a7abf5b08babbd97f;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_2=E7B1320711C14F3E9705E99B28255E27;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_85=AADFR07AdzMAABEXFzMSNA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_1=8968102175321445886;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=y2ZG0FBNLjZ9vAp0tpBb;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=m6lUB5SgX1WAqFRWyK9KVpr6Al2ArlJSy_jlyKuv;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=ff561f47-1025-057e-082a-21690f41308a;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_87=0d26cd41-03e8-4c74-8132-57b5426fcd7c;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_23=CAESEAUBS8vv0ym1l5wntvPCgY4;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_12=6864390710533493707;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJxtkFtPHDEMhf%2FLPBPJTuxceMssM0gs0C2rZem%2BVLlMkNCAFkQXDVX%2FexPUxz4lsj%2F7%2BJzfHcruvNNWk3JgEFgpcsqA6c46qWpr5Yft4Hf91p5OsDzjzB8v76fN6vEHVYQBsEJTKKoY5SQWF2MkyZjJZBtZZ5C5kVJXLiecUsAkUFolaEItAkARVRhIR6h0rCw2NrHiiScpdA5FECUQVptJpCyLA3LBFBIaVHTOoiBFtk6Sq5O42r0se%2F3BV%2FP3tq2WrNMWQaJhJZGIrdXtptoZTI9KVuu4QhrV4Azw4FwvrWQeZMuhxWCcc01M%2FFMDEMEkFmjqP1ibFYaKWqjs%2BnqjN4fxm7gXF5d8aGX1%2FzI1n%2BcqJBkzJRNl4WiCCbG%2BYGOIMTtTGsmV9P5ivAPj8%2BeN9%2F3wMH7ebG9967a8Fnm4hLG%2FvX46uJM%2Fwvuxb1lSk37W867n7eMD7v3reLdf1m59f3zTfpb%2Bbb7aLj%2Bf5mX961R503aVwhoLGVEzYwFcYwcrg5CoHRRCBfbLraksZKlTJhSgJiuqCxK2JirYRCapS8omdX%2F%2BAhjhmZM%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:22 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_58=120211F7-B17D-4092-962E-A4B0DFFB8F85;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:22 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1614605055|515:1617110655|388:1617110655|580:1614605055|582:1614605055|520:1617110655|584:1614605055|234:1615728255|586:1614605055|203:1615728255|589:1617110655|462:1614605055|494:1614605055|561:1617110655|563:1617110655|565:1614605055|541:1615728255;Path=/;Domain=.lijit.com;Expires=Tue, 30-Mar-2021 13:24:22 GMT;Max-Age=2592000;Secure;SameSite=None ljt_reader=c9e0b350e7671f85da7288c5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxljzEOwDAIA%2F%2BSuUMgGEi%2FVvXvVdMsuONJ5myuJu0UF%2FOODhxNFyI09UX3yqNiSGXpleecoAQVxC4QHbYv4udIctCopNaklWnEtCnJp3xPi%2FTLG1xycdQfBvmMfDYrg%2FIo%2F94PsO9SdQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 28-Feb-2022 13:24:22 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

GET
H2

200

/
spl.zeotap.com/ Frame 9F53
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=120211F7-B17D-4092-962E-A4B0DFFB8F85
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=7ebe2308-d361-42d6-8318-e6a2b0792897&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eaf3f73921f9bbb4251d47d8b56d02d4
https://spl.zeotap.com/?zdid=1332&zcluid=87b794cfb8397f00

7 KB
7 KB

25ms
25ms

Image
text/html

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=87b794cfb8397f00
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 628a77297e132c4e-FRA
date: Sun, 28 Feb 2021 13:24:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 088a68cde800002c4e0f0ca000000001

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=87b794cfb8397f00
content-length: 0

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 9F53
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7de0603b-9981-4100-97f4-d7f9996da288

0
587 B

35ms
35ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7de0603b-9981-4100-97f4-d7f9996da288
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 28 Feb 2021 13:24:22 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sun, 28 Feb 2021 13:24:22 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7de0603b-9981-4100-97f4-d7f9996da288
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 13:24:21 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9F53
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4545bb83-79c8-11eb-ae9c-ebe1803d12b8&gdpr=0&gdpr_consent=

1 B
793 B

38ms
38ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4545bb83-79c8-11eb-ae9c-ebe1803d12b8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:22 GMT
X-lat: lhrpug016:0:458
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4545bb83-79c8-11eb-ae9c-ebe1803d12b8&gdpr=0&gdpr_consent=
Date: Sun, 28 Feb 2021 13:24:22 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4545bb84-79c8-11eb-ae9c-ebe1803d12b8

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E2B7 37 KB
14 KB 305ms
304ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; PugT=1614518661; chkChromeAb67Sec=2; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137576
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E2B7 47 B
524 B 31ms
30ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=52815599&p=155495&s=667074&a=2668709&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 13:24:22 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 47
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9872 37 KB
14 KB 127ms
127ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662; KRTBCOOKIE_1101=23040-6934304852086749328; KRTBCOOKIE_409=22966-aNTgkuyUQdnesIdpkRRzWZKk&KRTB&23212-aNTgkuyUQdnesIdpkRRzWZKk; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_336=5844-6702532818025395296; chkChromeAb67Sec=3; pubsyncexp=1614540262794; KRTBCOOKIE_279=22890-4545bb83-79c8-11eb-ae9c-ebe1803d12b8&KRTB&23011-4545bb83-79c8-11eb-ae9c-ebe1803d12b8; PugT=1614518662; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137575
Expires: Tue, 02 Mar 2021 03:37:18 GMT
Date: Sun, 28 Feb 2021 13:24:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=6864390710533493707

35 B
237 B

50ms
50ms

Image
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=6864390710533493707
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:23 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid: 37fa7fa3-48cb-4416-8551-f12338f8ddd6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=6864390710533493707
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
a.sportradarserving.com/ Frame C7F5
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4&gdpr=0&gdpr_consent=&us_privacy=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2

0
0

GET redirectObuid
sync.outbrain.com/ Frame C7F5 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=648565f7-d284-0725-28ed-8722bfa00e9e

35 B
237 B

55ms
55ms

Image
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=648565f7-d284-0725-28ed-8722bfa00e9e
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=648565f7-d284-0725-28ed-8722bfa00e9e
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET sync
sync.srv.stackadapt.com/ Frame C7F5 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-4_xXpOZ1lxDueFdU2uA9ouTcB.U78ot55Y14

35 B
237 B

50ms
50ms

Image
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-4_xXpOZ1lxDueFdU2uA9ouTcB.U78ot55Y14
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 28 Feb 2021 13:24:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-4_xXpOZ1lxDueFdU2uA9ouTcB.U78ot55Y14
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=4545bb83-79c8-11eb-ae9c-ebe1803d12b8

0
0

GET services
sync.technoratimedia.com/ Frame C7F5 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame C7F5 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

50ms
50ms

Image
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:23 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET

usersync
rtb.gumgum.com/ Frame C7F5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=1CUnyW6w5JlQ&ev=1&pid=558355

0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame C7F5 43 B
4 KB 48ms
45ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 13:24:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6666
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=

35 B
237 B

55ms
55ms

Document
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 28 Feb 2021 13:24:23 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
location: https://rtb.gumgum.com/usersync?b=mmh&i=7de0603b-9981-4100-97f4-d7f9996da288&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3518 2f03077 master zrh-pixel-x13
Expires: Sun, 28 Feb 2021 13:24:22 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C217
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=

35 B
237 B

50ms
50ms

Document
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YDuZggAAAK1gHFZV&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Sun, 28 Feb 2021 13:24:23 GMT
via: 1.1 varnish
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1614518663.304872,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050 200 pixel Show response
cm.g.doubleclick.net/ Frame 264F 170 B
213 B 37ms
34ms Document
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jODQ4YmMwNC1mMjA4LTRhNDItYWU0YS00ZWFkOGZkNDEyYTQ=&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9jODQ4YmMwNC1mMjA4LTRhNDItYWU0YS00ZWFkOGZkNDEyYTQ=&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlwQ2aR4hKUIMcSw75OmuRzzfCKwSmYATqVKMm0eOLaN1F9eP9-bkFcuNYsycs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

content-type: image/png
date: Sun, 28 Feb 2021 13:24:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9FB7 8 KB
3 KB 97ms
95ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=120211F7-B17D-4092-962E-A4B0DFFB8F85; PUBMDCID=3; pp=155495; PMDTSHR=cat:; KRTBCOOKIE_699=22727-AAGwHU7AdzMAABHRBuqaNw; KRTBCOOKIE_153=19420-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA&KRTB&22979-E2-aExxmkUEIbppCQGmEQhI8zEkIaJxGQz4OnkjA; KRTBCOOKIE_80=16514-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&22987-CAESECyadS5L-2CUzoKPhRaHZ1k&KRTB&23025-CAESECyadS5L-2CUzoKPhRaHZ1k; KRTBCOOKIE_22=14911-9040159769359373822; KRTBCOOKIE_57=22776-6864390710533493707; KRTBCOOKIE_218=22978-YDuZggAAAK1gHFZV&KRTB&23194-YDuZggAAAK1gHFZV&KRTB&23209-YDuZggAAAK1gHFZV&KRTB&23244-YDuZggAAAK1gHFZV; KRTBCOOKIE_188=3189-c535e5e2-6daf-44c0-867e-cd2f9049a7f4-603b9981-4348; KRTBCOOKIE_27=16735-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&16736-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23019-uid:7de0603b-9981-4100-97f4-d7f9996da288&KRTB&23114-uid:7de0603b-9981-4100-97f4-d7f9996da288; KRTBCOOKIE_391=22924-8405308105229877284; KRTBCOOKIE_377=6810-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&22918-7ebe2308-d361-42d6-8318-e6a2b0792897&KRTB&23031-7ebe2308-d361-42d6-8318-e6a2b0792897; KRTBCOOKIE_107=1471-uid:2wl0iO9Y1Lgm3z5; DPSync3=1615680000%3A201_227_226_221_219_197%7C1614556800%3A174; SyncRTB3=1617062400%3A203%7C1615766400%3A35%7C1619654400%3A69%7C1615334400%3A63%7C1615680000%3A166_3_56_165_55_5_104_81_176_22_13_204_21_71_78_54_99_8_161_7_88_220_189_222_223%7C1615075200%3A15_2_67; SPugT=1614518662; KRTBCOOKIE_1101=23040-6934304852086749328; KRTBCOOKIE_409=22966-aNTgkuyUQdnesIdpkRRzWZKk&KRTB&23212-aNTgkuyUQdnesIdpkRRzWZKk; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_336=5844-6702532818025395296; chkChromeAb67Sec=3; pubsyncexp=1614540262794; KRTBCOOKIE_279=22890-4545bb83-79c8-11eb-ae9c-ebe1803d12b8&KRTB&23011-4545bb83-79c8-11eb-ae9c-ebe1803d12b8; PugT=1614518662; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75202
Expires: Mon, 01 Mar 2021 10:17:45 GMT
Date: Sun, 28 Feb 2021 13:24:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 749D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663

35 B
237 B

52ms
52ms

Document
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=7ebe2308-d361-42d6-8318-e6a2b0792897&t=1617110663
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=7ebe2308-d361-42d6-8318-e6a2b0792897; domain=.adsrvr.org; expires=Mon, 28-Feb-2022 13:24:23 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwjGr-HO3P2tORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Mon, 28-Feb-2022 13:24:23 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET um
cs.emxdgt.com/ Frame 81E8 0
0

GET idsync
tg.socdm.com/aux/ Frame 1558 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3A11
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871597492892055810

35 B
237 B

55ms
54ms

Document
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871597492892055810
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871597492892055810
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNLKwNDIwNbUwNBDiM9QtCSxOLikwLs51cSyX4jU0MzQxNbQwMzM2MjcGAKWk0NE0AAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 25 Mar 2022 13:24:23 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNLKwNDIwNbUwNBDiM9QtCSxOLikwLs51cSwHABYh03klAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAADvEyGtoZmhiamhhZmZsZG6ySgyJb2xoDgAOL8vqIAAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 25 Mar 2022 13:24:23 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871597492892055810
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1966
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum

35 B
237 B

50ms
49ms

Document
image/gif

63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=

Response headers

date: Sun, 28 Feb 2021 13:24:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 28 Feb 2021 13:24:23 GMT Sun, 28 Feb 2021 13:24:23 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=y2ZG0FBNLjZ9vAp0tpBb&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame C859 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pa.tns-ua.com
URL: http://pa.tns-ua.com/bug/get_cookie

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=27&uid=c9e0b350e7671f85da7288c5&gdpr=0&gdpr_consent=

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/709414.gif

Domain: a.volvelle.tech
URL: https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Domain: ads.playground.xyz
URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: a.sportradarserving.com
URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=vnt&i=4545bb83-79c8-11eb-ae9c-ebe1803d12b8

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c848bc04-f208-4a42-ae4a-4ead8fd412a4&gdpr=0&gdpr_consent=&us_privacy=

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=pln&i=1CUnyW6w5JlQ&ev=1&pid=558355

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zaxid.net/	1970-01-19 17:11:50	Name: __cfduid Value: db8fa5c5d30236a82b088979c71b0cdd31614518651

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://intelaxa.com/t.js?i=g9vsltglsvoa0vgwp5ks&cb=2646861614518654697(Line 30) Message: %c [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24tv.ua
57d05cf59475447ed390f107e00bebf4.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
a.volvelle.tech
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adpone-d.openx.net
ads.avct.cloud
ads.playground.xyz
ads.projectagoraservices.com
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adx.adform.net
ajax.cloudflare.com
aktrack.pubmatic.com
ams.creativecdn.com
aorta.clickagy.com
ap.lijit.com
aqfer.lijit.com
assets.bly.ch
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-fra2-v4.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
campaigns.cembra.ch
cct.connects.ch
cct.shop.post.ch
cdn.adtrue.com
cdn.gravitec.net
cdn.onthe.io
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
d.turn.com
d5p.de17a.com
data.adsrvr.org
dc2921b5e4f3e4caadf98529353a9a3c.safeframe.googlesyndication.com
dis.criteo.com
dsp.adfarm1.adition.com
dx.frontend.weborama.com
eu-u.openx.net
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
green.erne.co
gslbeacon.lijit.com
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intelaxa.com
juke.mmi.bemobile.ua
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
piwik.luxnet.ua
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
ploxtar.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora.net
projectagoralibs.com
ps.eyeota.net
pubmatic-match.dotomi.com
pxdrop.lijit.com
rd.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.tribalfusion.com
s1.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
source.mmi.bemobile.ua
spl.zeotap.com
sshowads.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.adtrue.com
tracking.adtracker.ch
trc.taboola.com
tt.onthe.io
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vap4ams1.lijit.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.post.ch
x.bidswitch.net
zaxid.net
a.sportradarserving.com
a.volvelle.tech
ads.playground.xyz
ads.pubmatic.com
b1sync.zemanta.com
cs.emxdgt.com
id.rlcdn.com
pa.tns-ua.com
rtb.gumgum.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
ums.acuityplatform.com
104.108.50.124
104.111.248.103
142.250.186.130
142.93.100.57
149.202.221.211
151.101.14.49
151.101.193.108
159.253.128.183
159.65.197.210
172.217.18.98
173.231.180.197
178.250.0.163
178.250.0.165
18.156.0.31
18.158.93.70
18.198.126.47
185.184.8.30
185.29.132.144
185.33.221.90
185.33.221.91
185.41.250.4
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.106
185.64.190.75
185.64.190.80
185.86.138.143
185.86.139.95
193.0.160.129
194.247.175.23
194.247.175.25
198.148.27.139
199.232.137.44
2.18.233.180
2001:678:cb4:bbbb::11
213.155.156.180
213.174.135.1
213.19.147.150
216.52.2.19
216.52.2.30
23.218.208.200
2606:4700:10::6816:1857
2606:4700:10::6816:3181
2606:4700:10::ac43:757
2606:4700:20::681a:799
2606:4700:20::ac43:49e4
2606:4700:3035::6815:2f1c
2606:4700:3037::6815:334c
2606:4700::6810:a723
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:400c:c1b::9a
2a00:17c8:0:103::20a
2a01:ab20:0:203::1:245
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:16::1400
3.120.52.76
3.121.27.153
3.127.88.255
34.234.110.25
34.246.149.44
34.247.206.41
35.190.16.14
35.201.80.102
35.201.96.126
35.210.53.219
35.227.248.159
35.227.252.103
35.244.159.8
37.157.2.236
37.157.6.234
37.157.6.253
46.228.164.13
5.148.168.135
51.210.112.236
52.16.108.17
52.30.234.204
52.49.193.31
52.72.174.10
52.95.123.41
54.186.205.146
54.194.211.3
54.69.220.219
63.33.123.138
65.9.58.62
65.9.58.9
66.155.71.150
69.173.144.138
69.173.144.139
69.173.144.140
69.173.144.153
77.243.60.138
8.43.72.98
84.200.5.215
85.114.159.93
87.98.228.78
94.130.16.67
95.216.24.149
00859b6cb8e6e7091e776e64a27a5b9a455f55aa4ab3c1632ab2d7b7612c76d7
01648973077e9dc4fda6269650f9d48af4d57cfd795f35a8efce1282b300d318
0174f5faf3a1def87e0d1e34066218ccee40faf0bdaa9ed4854106569b1ab637
021d67b4bdc29f3ac8f0b5187e24048857dd7380870f1b91dc4ca8ddeaac5607
050d7b57c18d28dff9fa64cdae1f24c58f9087e8f0aad47ec5c9f9d58d2cf1f0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095f46f5117e38fc1f307b53184622df5c07904318d784735fdc66c8768352ec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f2dd7d27fe19599f157bf9ed58e581375142d57f27d30ecb748220f5ec854f3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10120d0cd7cdd8f2dc49c92663144b6bbaad91192650cbc436b95c4f209abb33
105c9a8286512bbf48aeecf80c4c52074582c7dac71d704c22a1ee11f9f6f7d6
115791a0b1a651fc90707e56ff10de6f4f8d08f290d483544bde7304d5bc09bd
11790f6ee5a33520edcd63031d3cf9bffbe5a6f967fda0037784f92829da81f3
13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90
14542951c891d23b1e98fa66b4bfb5db98a3aeecbd90e135dd0f77f71a6026a3
153cc2d433b922ce93d8e02f28f2c2e4d5b3d4c283520c04bf11b5968647c0f2
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
168508975ed05d40ae29f11a601516d264b255fec494b89c1eca2b9c2c99582a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19665901d0671188f583b41dd36eeab442915cddee8d3d53e432b693aced566d
196da375985a1e9f3807c23b72fc1d285dd6bbc3cf35dd5479b34f410f2d858b
19d70e2046be706c4729b21e6d666277595a14fcf38f3ba764a09e4f436f5390
1b2ede615f99355aff967872f16f9ae669e552194697170d1bd0a25a3456bfa7
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1d7e445c8fac27a90341f0c3f0c6b87de64649b3fb207c6eb19adb015ed8b713
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3
1e0975ed7cbecbfc8fb695e0d8d8cabd17b3f27b81a84cef1e16f36a85b4e47f
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fc81fa2032ffad01cdbfd922860515856681248448b7d9085d6618682d7b8fb
1fe76083e758bb47634030b34e3c35ab6a9eaa46619ac984219e7e2f40206a48
20dc6d30c8999a8ad397dd944421c1a02a6ff824410ad46275bfae0b869a2c43
231bd5d82bcbc0c2f01e7eefef79117d0e69f50f4fe212e6f3568e8534c0f2b8
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2377a47a723766ab9d58fb9218e7309411b2106090cd622256c20bad48797606
24343c460244e3cdbd711fda7304554cbdca8620d5917ebddb5dab501613740a
255ce00ea5f70f47ca6f9124672fe1828625dea8dc5f5de69f5b6cbcaa1fc37f
2610fe2184436d61ecf9b0e225eb7aad9b3adceecd49cb9f7494786322be2c0d
283bcf54c0e2243b191e467e9094ea4f3860a848e3c152b1b691ae8a2fd57d9e
2a3705388c65394fd52029d8191efab7dd38ad8953a38079e758c98b41a1cd94
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d7a88c68eba5ba1d8b5e78661e70e26a4572eab30955a0a2ef16c2a61a90f65
2df3800f8f04544df796972a68be1660aa947bd62b379f519e5644bf047cb4aa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e701000cbc18fd74a40ba52e6578e8915f912a7eacf9d59863d0ba6b629487f
2f299cb0c2c2a3e9bb994ea25b5043ae3ad2da96f13e2b2818db4966d4b8c1e0
2fba25befba198ea591a15a97527816099c182ad88038e7d2575e1ba656a6069
3205b2b2660bdae7a52a06d1000fdaf2acc9d479ec6b7332c83894428a388a79
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0
32e48affdd7eac6d9a3cb9f993fa1560b6ef7a89f2aaa0f894120fd27e8587ff
32f70ca5c4ad6300c766028e691d24e09527ff0c4abf3e8766bdfabb9188a8ff
341f7f788ba16719a0f2db5e7b964d5f36bd6e73d7170b87428c283563e4ddcd
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3ef672954c2333ad77b7805d7978d52d17fb05a3c3a443cc7aaa187339150a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f85ec824ffc14c8f7df43a5ce5e78451948e4bfbfbceb024d751e7f6e65d4c2
4228403792333cf78de6f3f904bc679cf60eb7b3cae9feda60db8c1d768dba7a
44a79d03406e6a4df14fd63213c5cc0e91db0861222ed88a909ab3191f6bf03c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
485b2d8bdd655647d9465c93392abcd4f9591af883f9cbd5e6a3c236f6fe4cfe
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498c6b4b347e82ccf284d7a28af486de3089e8f330d3ce52553d45e3a97e9dfa
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bc2e70a6632aa04e5fe93968e6b0665fb45af02113aba0ff196302e7ccfb4e9
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f13ec954d677da6fd11e1e5cd3d89ce430ce6e6efbd222e41bdfbbcee6bab0f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5215fb8902626d45ff5edfd1a66084c09639d2b6e5619f9325d9612d3d6a5593
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56fae4bcb0f618046af378fe67e99313739705e71e62fb519cce75d2b59f329d
57607800ff3f4b9209f72c5eadace4d99eedcdc9dca325188d1816707d20c0c9
581d926101074855377ce662bf9aeb86306fc6fe8e0ed0e4083e1f0c73d3cadc
587852d6381ee2e5399e0b4d613cf8ad8de08dd091c810591a4bbddd3c64b7da
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5dfc20f7af1822d3360fc105fb3622482b0fe1248fd4f50c79150881f8fcabab
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
63e3611bf9472bed6bde39da71f21b799f749b726849bc0666f73576ab3f6231
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
651aab00c17b93ddfa474821789a27cebe3a9a145879a9e987711ad7df1df101
65e3395c552264339cc2676785df341c9ca85cd341824d07f374c34e5da2c0d1
6718ca46fe1689b5577292c138af3d2baec9dc6419358d2b42fc95e699fd0d1c
674986ded8e749b4411f0be9d3077b76e95baf38b24875f377a04727418f2a10
6a49d9cabddf4e88b985386a28e4471f72006031d091a79334ccfade4e007e1d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b14f6fa2f7a11addb79dbdfaf96db131b82d226b2320fc9560813ed66891466
6c007912dd2cfea7b7d83544bcaea501ef980a2b7807df7a6d21a792f4176477
6c80aadabf1a5097105b82c3575a20ce71e603414f0e2ce0caf2fd1651e735f3
6d1556b543852a6be9a1968cd6db6d041cff7e6aab800f94c5b055e795cf5f37
6dbe089c0890e3a15e36a7823aa322a1b0bb4744f0e320ef281aab207a90be27
6df0e8fc336721ff9d220d4486356ea712891701ffb3a65ce6498972b801a637
6e7dced3e80a11752f9080d37d182b7a018756cf2e128e74a503ec7d52160adf
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7069c3b9eda37cc81a63410d72e1bc655a675e5e8a594dc4e2c8fa491ad08dbf
7254375b5f030d63b1e7300ef19e9e1bf85b0364e7b6ceff6d74272676315722
7842e82ce0b1e30779002c23f7f7e6f6b19344b6b9ddf46b6e9fb02e0f0d7e64
78587e1cc4a6e2c47d3cf304a81423e68c2ceee852099643cc73c3ce33084da4
7c3a9fde8e441dda79508ab1587587f70ed277164986ecdd3378de7970ab14ef
80746cb8fd66d3b98468b97c27ec0b19c9ba4017d55eac6dc95b28e1e308a2ca
813334fbd782aafa09cd9ced4c955ef8bf5991215b97f71c554c0e5bd40bc670
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853f9239cc80c977ec213722fbdaf03effda7544e9f92dd8c27b3bcebd931998
86dde1f84e64b2cdf5ebc3b02540502e6930f1eaa2bceefedf9afd71c5b81f6a
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
880a7b177ea2edbf752eaf89b1449db2c7ef6a8e5a7acdd9eac0cc7623b1427d
8a23dd99ed681cb6c4619114dd67836e8e8cc1e05ff28f9afd0b69880244c240
8bf184e82362f591b3c1032d3e0eaec6dfad9586da1d9040818bbaadd6b8de6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dabf72b6ea97c33d63697047b329703d138725ac30c6a5d0effa4d161872ca3
8e2d675614033c267585499e53d00cd36c732be229c51c85390c4e1b6dc46767
8ec42addc590f21361c702f2c7095a23ce263893addd9f132ed6e22b868b0d2e
8ff502767a4dfb4adfc61e397eb269d1b12684d622338af7a40e91b847150864
908ae7e4eb7123bb0a2379e7d89712ca9e0e24821d5948e233226598a7a475f5
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3
91d8d32f161e45dc88ff5a4f5f54d1db2d85f3db98b86370f9fc2f427c6a7479
9260126dce8b9fd60aac45eb53913072a1184a936907db6518aa8bc22b49640d
92a4c99a6eca5980561cb9c17c705bd6a0ebccb7d6fe8317a6561c9dbe18e4e0
931e404c680e02cbfd540ae5da1ddf91d6d090d2cba47ddcf8a398f533ec6a27
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b468cfa40d0315d15a0841a49d6e3814d76a99edd56efee8cd75d2c52b73fca
9be2970b8d2eb7cfb7e3967bacad4f7f3f2a179c05165dc4fe23421e7cf1c441
9cb08e712ea568a407f46b4af7bc3fd5e79ca3bf0cdff63221602c5e020800a8
9d3069d2fa2f9254618d5324c61bf5d9e54fe5b0224f376a3bdba4de9f532335
9f394331a5ba7f22102ebc2ab279e6f29e1f3d061938327039aa55f7b75f86b5
9f7123cb517799e75b78e8e9161d90af103d916f517b109caa45e9b2b02f12c2
9fbbe8c1da786c9f2aac34d4af33515f6c82a817b58a7ad630e444ab4001bccb
9fdc56f1dd369c2bb0d88ab5e82dd0afedf00876f8cf7b193878d1e31a82460e
a127af41d27c28c65f968b49a6523c642374f983741f50eb822989c6a78c3111
a151561e84433d90be28aa14ae32868a5859f3d89111d765155aed226e42d272
a3bab0bd831775d6dec274b344a62e5425eb30257b76c7649dcf1414dd42b071
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50e2361c1007c8013038f5629b2e7d975522a8281d2ffc3cdf721e9b0d20e1e
a6354a324bce6546de0c11853d945c8e26b9fcd3cc71ef3420194480c37dab41
a6430673cee20e65d7959812a8be24ecb79bf79ec22d67aec945ed54bfa9e684
a957a4deb60ca1cc4164da00e11002523cc58e141f0809d5640771e98bfcaca7
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace40ecea297ce25a4d47627dd865df11e30c1fb7f3e5709db757010c66d7fea
ad53cc8f829d56621c2bb9da789ac4fb42976b1a7844f62cd065864a56e351a8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
af713167bf4523927dbc0cf3ee41fd9feb5f6943c5f4b47390847e46e039d794
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1523f32cb97289468bcbdcb5b55d336b1f2bbf07723663c65dbef1ef4e5e86b
b3a55acf77c6dc8578b0d1ffa6f832d21b8027fe44958f6bd86dd099ae3a1b3c
b422d6dceb86a259cb69e8564f23152bd1ef21073ef1d7b55ff7557d08a06e02
b69fc9f8ef4316ac127283715b752c3f926c501e2375b71525c7a82e25152e57
b6e7cf0ef4c7a814861d9d81bd03803a7a234d7a76a68a1efe59b1aef1d3f3dd
b79150624472852f7c2c47fa2bb2d6d747c462d5307f93a2a74a89e25db334fa
b8034128ac0efc9a5a2933fc42ed3b01cffd35337ee35b19ac52fdb4f3213668
b85debdbbca358adaf9d180aa26a252a55fe7a09a1762975758c84176af20e79
bb39e6bdd7efeab38b6b897f121222f1410f318c8f50364379b29605ac810256
be15ebad935f9f4fd11bb41521627709e6834357807aebb91d10762e61ca63bc
be2f92ae1febd670260233920e705a4f812782fbc18b12250b433e07e138fb7f
be93ee7ccaf6c8d0ecd0b3ad03f8128dafa7193b2f50c4e3f3abefe8c8f58ad1
c2d750ba94e0706f53442c33de1c7dc2303ec4a115b1568437ed86317fa2c258
c47d9df2a65d5c1b82dc3cbeb3b0702b7d74d1068c6cbab6ee5ce7694fecfc3e
c5bfa39f37812a09f9f568bd015c3cab90a43cf805cefe005eabebbdafa2c3a5
c7249d1e7ec55ce28b1e1b69c42aacd147ece4d213939228080dba89b2d80a90
c7fbfb347cf570b85dca7b64a126acc4cd9934c924951dcdb131366c4cacc429
c8747c438157e35c3b0bc5d4c3ff319ec954a0412ae0d55a796643c0537ca4c6
c9a2a4240b8f8c34ca0268a95e40d54028597b02169d3c6259e4188af4425e5d
ca6ed7fd23174ff94d9922ff836a9c709fb1b82d36ab3e137bac324151b12af8
cad478f098c274fc1e071ad07befda0e91a7067160d72b01be7380bf7e977a6b
cb84a92b246ca8706eb02cfb88358eb481fc014e3a84ad450a440101929078b7
cc6be5a59ac00f758927e56bab12839366fa7ca93e09dafe25a44af28966aca9
cd0be874c2a8cfe348f35e670ca9a67da02df715d8e66b448e957e89e04250cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19ba9e80e21f7a3e9dbc96b15586f8253c1fe4ebcc6b8241867870ce0dd4f83
d28175c3f010d2aece4dc71da70430536d029f6699d3d55910b3ea237df158ef
d3715ef09488df99653f0ff69563bf2abeb59e7ed7f735b4538a35ff6d46b402
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d894fc868a46ba2b6b579a1978b0e4a4507af0e14191661aefd3721835c19de5
d9481e82e0f0881787a5bdd23fabcbf1f641c146c62be5bfa76ac519431a4feb
d9c9d0ac581bd0e286387ce9ce2a60800cdf478c6c66c58f6ea611ff926fa6bc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc470612163dcfa23c997e22fb8745d24edcceaf074c6fad0c854e3a26608ca1
dd2a8f1be383beda2ac68c2b602f47e13067dc389c632fb14df4b65be98c3007
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e06035ee341f24ab89ea8078422bcfdef88c544e0d4df27060e9c7424e7dba7e
e10f09339e43db3d99196c8a980fdd91f5569554cccd4e22961a2c6bc33e0319
e143a3b796187f14cfcee04f08fe5da930bbb085732bd98d042ace4a6f961d5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ecb14e1d291633d0f81df4f1d0acb6d282463e0ceba698f4db8afa3c8ee00d
e3feb67ce5fd8d1b3a276040e613f4f738409654aacfdd37759f50489aefe491
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
eb820950aa51d61b6b6962e702848ed464917433156e0bd71fdbb3b617033fe0
ec00e08dad49044c963558151bfac14c57129340e0f7b90af122587d637e0dac
ecfa0bad9e15dbaa7e6efc879b77beedd1ac5d71eb776375884fe1e240558613
ed0951899b8b53ec8f55c04e43c345cc437a89dd8ad46b74e87612e57b4e46c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16893f0a6cf09a2476078492390d8f01a346ac2cbabe93610dea914dd5b9fde
f5e9fd572579923d15af6593be0221b4a4b8251d8269e55891393d1d35245d0a
f6f8a4057dcfd4c7956d7a706f17cda3edfbb0f87cc91b602640b3b2c1ffc60b
f73e0cda9d21ae614ece5c6ee24b7d9e1f236bf2aa873cacb20cffcbb4fb5800
f78e73975b9e9d46a33250754635cda357beef9ce6f34e532e4134867d3361bf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fb147035d9313dd2b74b60ed95bf17ccce8c75537deabee5bf06c77f3ae0406f
fb9b68efe7644c97d32102bd3429af063811652edeb2e48b4609ddeb9b784b8f
fc8e5d5e82241d6c7402475320c842ce14b82702ceaec3b1ab4356891d33784a
fe97603a09348d257c42eb9bfe295fdc0ba8b3d023711b947b0791b72ddc5643
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
ff2297eecd679e69df9005e04ae2e2ddf1659cb0a2bac057351028b51b881e48
ff7da4dbeab4fd4a0896a7251f8fb01649bac82fe2bbaedac2cb2f7c4b89e36d
ffba78815344e367fc5a81919d6c8b234bd1cd98bb65515f3fa7022a26a1dda6

zaxid.net Open in urlscan Pro 2606:4700:20::681a:799 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

524 Requests

97 %HTTPS

27 %IPv6

90 Domains

141 Subdomains

82 IPs

13 Countries

4116 kBTransfer

11689 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

524 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zaxid.net Open in urlscan Pro
2606:4700:20::681a:799 Public Scan

Screenshot
Live screenshot

Full Image

524
Requests

97 %
HTTPS

27 %
IPv6

90
Domains

141
Subdomains

82
IPs

13
Countries

4116 kB
Transfer

11689 kB
Size

1
Cookies

524 HTTP transactions
3 data transactions