client.paltalk.com Open in urlscan Pro
104.16.125.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gg.gg/oykkz
Effective URL:
http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Submission: On April 07 via manual (April 7th 2021, 3:37:52 pm UTC) from NL

Summary HTTP 131 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 53 domains to perform 131 HTTP transactions. The main IP is 104.16.125.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.paltalk.com.

This is the only time client.paltalk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.15.209.141 185.15.209.141	52000 (MIRHOSTING) (MIRHOSTING)
3	104.16.125.32 104.16.125.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
5	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
20	2606:4700::68... 2606:4700::6810:cc6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	52.85.32.122 52.85.32.122	16509 (AMAZON-02) (AMAZON-02)
1 7	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	204.236.224.156 204.236.224.156	14618 (AMAZON-AES) (AMAZON-AES)
1	184.31.84.150 184.31.84.150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:209... 2600:9000:2093:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 10	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.228.125.100 34.228.125.100	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	38.27.122.36 38.27.122.36	174 (COGENT-174) (COGENT-174)
2	18.211.21.136 18.211.21.136	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	52.222.179.53 52.222.179.53	16509 (AMAZON-02) (AMAZON-02)
1	67.202.110.32 67.202.110.32	32748 (STEADFAST) (STEADFAST)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3 6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.127.88.255 3.127.88.255	16509 (AMAZON-02) (AMAZON-02)
3 3	35.156.19.236 35.156.19.236	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
6 6	54.220.102.114 54.220.102.114	16509 (AMAZON-02) (AMAZON-02)
11 14	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2	108.129.45.237 108.129.45.237	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.181 213.155.156.181	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
131	59

1 185.15.209.141 (Dronten, Netherlands) 1 redirects

ASN52000 (MIRHOSTING, RU)
PTR: nbn.topsnursingschool.com

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.125.32 (United States)

ASN13335 (CLOUDFLARENET, US)

client.paltalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paltalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6810:cc6c (United States)

ASN13335 (CLOUDFLARENET, US)

www.palassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.32.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-122.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.236.224.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-224-156.compute-1.amazonaws.com

cdn01.smartling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

obscenesidewalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2093:ec00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.90 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

yourbow-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.125.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-125-100.compute-1.amazonaws.com

brightcombid.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.36 (United States)

ASN174 (COGENT-174, US)

dsp.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.21.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-21-136.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cookies.onetrust.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-53.ham50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-110.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.88.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.19.236 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.220.102.114 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-102-114.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.162 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.143 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.144 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.253 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.129.45.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-45-237.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	palassets.com www.palassets.com	216 KB
19	doubleclick.net 12 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	130 KB
16	pubmatic.com 3 redirects ads.pubmatic.com hbopenbid.pubmatic.com image2.pubmatic.com image6.pubmatic.com aud.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	130 KB
11	rubiconproject.com 4 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	17 KB
10	openx.net 1 redirects yourbow-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
8	cookielaw.org cdn.cookielaw.org	169 KB
7	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	23 KB
7	visualwebsiteoptimizer.com 1 redirects dev.visualwebsiteoptimizer.com	104 KB
6	bidr.io 6 redirects match.prod.bidr.io	3 KB
5	a-mo.net prebid.a-mo.net	1 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
4	adform.net 4 redirects c1.adform.net	2 KB
4	quantserve.com 2 redirects edge.quantserve.com pixel.quantserve.com	11 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com as-sec.casalemedia.com ssum.casalemedia.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ads.yahoo.com	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	paltalk.com client.paltalk.com www.paltalk.com	100 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	611 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	998 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	avct.cloud 2 redirects ads.avct.cloud	888 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	glotgrx.com pre.glotgrx.com	1 KB
2	yieldlift.com x.yieldlift.com	1 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	428 B
2	google.de www.google.de	591 B
2	google.com 1 redirects www.google.com	452 B
2	quantcount.com 1 redirects rules.quantcount.com quantcount.com Failed	785 B
2	obscenesidewalk.com obscenesidewalk.com	30 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	rlcdn.com api.rlcdn.com Failed check.analytics.rlcdn.com id.rlcdn.com	389 B
2	adsrvr.org match.adsrvr.org Failed	529 B
2	yabidos.com pixel.yabidos.com	26 KB
1	simpli.fi um.simpli.fi	608 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	757 B
1	contextweb.com 1 redirects bh.contextweb.com	488 B
1	emxdgt.com cs.emxdgt.com	59 B
1	tynt.com ic.tynt.com
1	googlesyndication.com tpc.googlesyndication.com	2 KB
1	consensu.org cookies.onetrust.mgr.consensu.org	1 KB
1	bnmla.com dsp.bnmla.com	193 B
1	marphezis.com brightcombid.marphezis.com	115 B
1	onetrust.com geolocation.onetrust.com	362 B
1	smartling.com cdn01.smartling.com	6 KB
1	googleadservices.com www.googleadservices.com	17 KB
1	indexww.com js-sec.indexww.com	30 KB
1	gg.gg 1 redirects gg.gg	1 KB
0	1rx.io Failed sync.1rx.io Failed
131	53

	Domain	Requested by
20	www.palassets.com	client.paltalk.com www.palassets.com
14	cm.g.doubleclick.net	11 redirects eu-u.openx.net
8	cdn.cookielaw.org	client.paltalk.com cdn.cookielaw.org
7	dev.visualwebsiteoptimizer.com	1 redirects client.paltalk.com dev.visualwebsiteoptimizer.com
6	match.prod.bidr.io	6 redirects
6	image2.pubmatic.com	3 redirects image6.pubmatic.com ads.pubmatic.com
6	ib.adnxs.com	4 redirects client.paltalk.com
5	token.rubiconproject.com	4 redirects
5	eu-u.openx.net	1 redirects client.paltalk.com eu-u.openx.net
5	prebid.a-mo.net	client.paltalk.com
5	ads.pubmatic.com	client.paltalk.com ads.pubmatic.com
4	c1.adform.net	4 redirects
4	us-u.openx.net	eu-u.openx.net
3	pixel.rubiconproject.com
3	x.bidswitch.net	3 redirects
3	pixel.quantserve.com	2 redirects client.paltalk.com
3	c.amazon-adsystem.com	client.paltalk.com c.amazon-adsystem.com
2	sync-tm.everesttech.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ads.avct.cloud	2 redirects
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net
2	ap.lijit.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	eus.rubiconproject.com	client.paltalk.com eus.rubiconproject.com
2	pre.glotgrx.com	client.paltalk.com
2	x.yieldlift.com	client.paltalk.com
2	www.google.de	client.paltalk.com
2	www.google.com	1 redirects client.paltalk.com
2	rules.quantcount.com	1 redirects client.paltalk.com
2	obscenesidewalk.com	client.paltalk.com obscenesidewalk.com
2	www.google-analytics.com	1 redirects client.paltalk.com
2	mug.criteo.com	client.paltalk.com
2	gum.criteo.com	1 redirects
2	match.adsrvr.org	js-sec.indexww.com eu-u.openx.net
2	pixel.yabidos.com	client.paltalk.com pixel.yabidos.com
2	securepubads.g.doubleclick.net	client.paltalk.com securepubads.g.doubleclick.net
2	client.paltalk.com	client.paltalk.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com
1	ads.yahoo.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	sync.mathtag.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	cs.emxdgt.com
1	cdn.districtm.io	client.paltalk.com
1	acdn.adnxs.com	client.paltalk.com
1	ic.tynt.com	client.paltalk.com
1	check.analytics.rlcdn.com	client.paltalk.com
1	tpc.googlesyndication.com	obscenesidewalk.com
1	ad.doubleclick.net	obscenesidewalk.com
1	cookies.onetrust.mgr.consensu.org	cdn.cookielaw.org
1	as-sec.casalemedia.com	js-sec.indexww.com
1	dsp.bnmla.com	client.paltalk.com
1	hbopenbid.pubmatic.com	client.paltalk.com
1	brightcombid.marphezis.com	client.paltalk.com
1	fastlane.rubiconproject.com	client.paltalk.com
1	dmx.districtm.io	client.paltalk.com
1	yourbow-d.openx.net	client.paltalk.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	edge.quantserve.com	client.paltalk.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	cdn01.smartling.com	client.paltalk.com
1	www.googleadservices.com	client.paltalk.com
1	www.paltalk.com	client.paltalk.com
1	js-sec.indexww.com	client.paltalk.com
1	gg.gg	1 redirects
0	sync.1rx.io Failed
0	quantcount.com Failed	edge.quantserve.com
0	api.rlcdn.com Failed	js-sec.indexww.com
131	80

This site contains links to these domains. Also see Links.

Domain
www.paltalk.com
commerce.paltalk.com
register.paltalk.com
xtralinq.com
investors.paltalk.com
www.facebook.com
www.twitter.com
www.instagram.com
support.paltalk.com
www.camfrog.com
tinychat.com
www.vumber.com
ar.paltalk.com
fr.paltalk.com
de.paltalk.com
it.paltalk.com
pt-br.paltalk.com
es.paltalk.com
sv.paltalk.com
vi.paltalk.com
cookiepedia.co.uk
tcf.cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.paltalk.com DigiCert SHA2 Secure Server CA	`2020-07-21` - `2021-09-24`	a year	crt.sh
*.palassets.com DigiCert SHA2 Secure Server CA	`2020-02-10` - `2022-04-15`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
obscenesidewalk.com R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
marphezis.com Amazon	`2020-12-30` - `2022-01-28`	a year	crt.sh
*.a-mo.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.yieldlift.com Amazon	`2021-01-30` - `2022-02-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
analytics.rlcdn.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-05-05`	a month	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Frame ID: 66C5C16C328ED55FAB29637A6F149F6E
Requests: 87 HTTP requests in this frame

Frame: http://cookies.onetrust.mgr.consensu.org/?name=euconsent-v2&value=&expire=0&isFirstRequest=true
Frame ID: F3CA9DFCB1150E731F0CAD9AFA68F269
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: B88A6D8D6826C251CFE204D968A05B49
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E31674800A9D7655B2860A5FE2413270
Requests: 11 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
Frame ID: 4056BC2E1093448E5AE80FCA3E2416FC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Frame ID: 783E6CB229CDB1AE3D910639C1B3CDE0
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: 1968F6297B20E797E48CF5B7F9C49BF0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BF6E079683F6E17FCB6EED132A52D523
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B4019A2CC7E85E4AC67E53452AB6B9FE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C46A2E47260990B0282EBAA3F6DBA74A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6B5579DA25C2EFCD33241C9FA744FB3C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1912652238694062386
Frame ID: 99BFCC740168BC03C03A48D4C3C06D36
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D0367794F77821833C72B51142AEB7E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gg.gg/oykkz HTTP 301
http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/[^/]*\.pubmatic\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Visual Website Optimizer (Analytics) Expand

Overall confidence: 100%
Detected patterns

html //i
script /dev\.visualwebsiteoptimizer\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

131
Requests

87 %
HTTPS

28 %
IPv6

53
Domains

80
Subdomains

59
IPs

9
Countries

1064 kB
Transfer

3165 kB
Size

20
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paltalk.com/

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/features
Title: Features

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/people/webapp/index.wmt
Title: Members

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/g2/webapp/groups/GroupsPage.wmt
Title: Chat Rooms

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/products
Title: Products

Search URL Search Domain Scan URL

URL: https://commerce.paltalk.com/mpt/ControllerServlet?RequestId=MyPalTalk.PreLogin&continue=http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Sign In

Search URL Search Domain Scan URL

URL: https://register.paltalk.com/reg/ControllerServlet?RequestId=Register.NGReg
Title: Download Paltalk

Search URL Search Domain Scan URL

URL: http://xtralinq.com/
Title: Go to link

Search URL Search Domain Scan URL

URL: https://commerce.paltalk.com/mpt/ControllerServlet?RequestId=MyPalTalk.VGiftCredits&ref=external

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/mobile
Title: Paltalk Mobile

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/vgifts
Title: Virtual Gifts

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/members
Title: Search for Friends

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/free-chat-rooms
Title: Search for Rooms

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/partnerships
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://investors.paltalk.com/news
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://investors.paltalk.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/leadership
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Paltalk
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/paltalk
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/paltalk/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://support.paltalk.com/
Title: Support Home

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/contact_paltalk.shtml
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://support.paltalk.com/support/solutions/articles/47001132604-uninstall-paltalk-from-a-windows-pc
Title: Uninstall

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.camfrog.com/
Title: Camfrog

Search URL Search Domain Scan URL

URL: https://tinychat.com/
Title: Tinychat

Search URL Search Domain Scan URL

URL: https://www.vumber.com/
Title: Vumber

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://ar.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: English

Search URL Search Domain Scan URL

URL: https://fr.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Français

Search URL Search Domain Scan URL

URL: https://de.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://it.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt-br.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Português

Search URL Search Domain Scan URL

URL: https://es.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Español

Search URL Search Domain Scan URL

URL: https://sv.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Svenska

Search URL Search Domain Scan URL

URL: https://vi.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://commerce.paltalk.com/mpt/ControllerServlet?RequestId=MyPalTalk.ForgotPassword
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gg.gg/oykkz HTTP 301
http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fclient.paltalk.com%2F&domain=client.paltalk.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kPrt43xpcnFvdVBZeUljWFB6N1g3OVdHb2t5Q1NHaHlnaElRc0hNdkFIQlZGcmhlQ2owOGU5TDBLN21kVU8ydXo5UGI0MzkrR0tlcHZPamY0NnZoSlIrSVg5d1lIMis2RWtJK2ZEeXo1ZU92VTQ5ZEExbjlUR1dqZ0tTd1d5dVkxdkVtelNJTlRxVHl0RmZZaEEvcG5IeWF4MndpVjFKOHdBKzg0eFg1UkdML095ZTM4akE2WnZ4aTl4K0FRamVpM2F2czhoWjNCT2N4MEdwNkx3cWN6YUJNVC96UUp1VVdRTDVsWDRWQk5OU0JvbENzPXw&cppv=2

Request Chain 25

http://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146 HTTP 301
https://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146

Request Chain 39

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 48

http://rules.quantcount.com/rules-p-91mBChr87YHGg.js HTTP 301
https://rules.quantcount.com/rules-p-91mBChr87YHGg.js

Request Chain 51

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=558986582&utmhn=client.paltalk.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Chat%20Room%20Member%20on%20Paltalk&utmhid=1436426706&utmr=-&utmp=%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%25253A%25252F%25252Fxtralinq.com&utmht=1617809855861&utmac=UA-1854096-1&utmcc=__utma%3D187186217.1133320645.1617809856.1617809856.1617809856.1%3B%2B__utmz%3D187186217.1617809856.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1602933645&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=558986582&utmhn=client.paltalk.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Chat%20Room%20Member%20on%20Paltalk&utmhid=1436426706&utmr=-&utmp=%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%25253A%25252F%25252Fxtralinq.com&utmht=1617809855861&utmac=UA-1854096-1&utmcc=__utma%3D187186217.1133320645.1617809856.1617809856.1617809856.1%3B%2B__utmz%3D187186217.1617809856.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1602933645&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582&slf_rd=1&random=1718259624

Request Chain 75

http://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan=1;fpa=P0-1703372353-1617809856018;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=paltalk.com;je=0;sr=1600x1200x24;dst=1;et=1617809856018;tzo=-120;ogl=type.activity%2Cimage.http%3A%2F%2Fwww%252Epaltalk%252Ecom%2Fen%2Fimages%2Fpaltalk%252Ejpg%2Cdescription.Browse%20and%20search%20thousands%20of%20free%20chat%20rooms%20to%20video%20chat%252C%20and%20IM%252E%20Looking%20fo HTTP 301
https://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan=1;fpa=P0-1703372353-1617809856018;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=paltalk.com;je=0;sr=1600x1200x24;dst=1;et=1617809856018;tzo=-120;ogl=type.activity%2Cimage.http%3A%2F%2Fwww%252Epaltalk%252Ecom%2Fen%2Fimages%2Fpaltalk%252Ejpg%2Cdescription.Browse%20and%20search%20thousands%20of%20free%20chat%20rooms%20to%20video%20chat%252C%20and%20IM%252E%20Looking%20fo

Request Chain 85

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1

Request Chain 91

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=index_rtb&uid=YG3Rxb8d2zsg1t4AgLkwXQAA%261152

Request Chain 92

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Ded828f76-c748-4618-9125-2ec5f3d2b4a0%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=appnexus&uid=3491064899678107002

Request Chain 93

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=pubmatic&uid=F80370A5-403E-434F-BD07-3C6E7BE0148F

Request Chain 95

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=7704662752386384295

Request Chain 96

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=sovrn&uid=ccc2d6886edc40eff5f4f32f

Request Chain 100

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Se6tNMur1Luafr5

Request Chain 101

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=1bb40dee-d968-4478-bae7-3f997590686b&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e23eb6bc-ed67-47fa-ad13-a01ef9fa6873

Request Chain 102

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWS1FN0EyNlFBQUNuRGJBdU5SUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHY-E7A26QAACnDbAuNRQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHY-E7A26QAACnDbAuNRQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHY-E7A26QAACnDbAuNRQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHY-E7A26QAACnDbAuNRQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7737864143510333931 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHY-E7A26QAACnDbAuNRQ

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d3e606d-d1c5-4600-8b88-4fed86749405

Request Chain 104

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=7Hy-_L596633db_56Hylrr9-7Pv3Kuqp7S9opH_Q

Request Chain 105

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4373856313672206149

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm&google_tc=

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDS9iRgYD7mNBhYs8Ak-jQ8&google_cver=1

Request Chain 110

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1912652238694062386

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mamjio4LS0auRhKxlutnWA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mamjio4LS0auRhKxlutnWA%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 114

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 115

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&addseg=19,36,42

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBOUEzOEEtOEUwQi00QjQ2LUFFNDYtMTJCMTk2RUI2NzU4&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBOUEzOEEtOEUwQi00QjQ2LUFFNDYtMTJCMTk2RUI2NzU4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEmQbVnaaRUqitapW6ne_Q0&google_cver=1

Request Chain 119

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6826670581792278986

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJ3yiTLAaKGQjDSzgr4fME&google_cver=1

Request Chain 122

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/4g_NwqVBNe-7-Jyq4we5jcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7259209832825050341

Request Chain 123

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7M7YXV-28-4FRN&sigv=1&esig=2~87d9d6f51e25065da22b995f4fac312ab53eafa0

Request Chain 125

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJlYTZjZTdkMGQ4ZTdhOGM5M2QzNDE2NjkxYmZkODMwNzZmNzgxOQ

Request Chain 126

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YG3RxgAAAICTgAUN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YG3RxgAAAICTgAUN&_test=YG3RxgAAAICTgAUN

Request Chain 128

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TTdZWFYtMjgtNEZSTg==

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set External.wmt Show response
client.paltalk.com/client/webapp/client/
Redirect Chain

http://gg.gg/oykkz
http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

28 KB
9 KB

290ms
262ms

Document
text/html

104.16.125.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Server: 104.16.125.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / The Gooch
Resource Hash: cc650ed8a3dceaed44d7fdb62a78d21860469dd59d4009855677ba0c12b69ce1

Request headers

Host: client.paltalk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:34 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=daa8dde57fa44107853369ca0df1c483e1617809854; expires=Fri, 07-May-21 15:37:34 GMT; path=/; domain=.paltalk.com; HttpOnly; SameSite=Lax AWSALB=jURzZuBv4YDtIMI/uwi+h9hQ1bphsNdbodPUfyr62Qxr8KMWeFu4V7PgwJJjh5o66+wyeQRGVWronkIw3pJ5Wf9Kzk6xwH6wDG+TJ0z4/c/7hxjPDWiFaizXVuo3; Expires=Wed, 14 Apr 2021 15:37:34 GMT; Path=/ AWSALBCORS=jURzZuBv4YDtIMI/uwi+h9hQ1bphsNdbodPUfyr62Qxr8KMWeFu4V7PgwJJjh5o66+wyeQRGVWronkIw3pJ5Wf9Kzk6xwH6wDG+TJ0z4/c/7hxjPDWiFaizXVuo3; Expires=Wed, 14 Apr 2021 15:37:34 GMT; Path=/; SameSite=None JSESSIONID=node01stow3i94m0tbdsxi5o13k4jy86182.node0; Path=/client; SameSite=Strict
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: The Gooch
X-Served-By: 172.17.0.6
Cache-Control: no-cache, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
cf-request-id: 094e9467b900004e261da02000000001
Server: cloudflare
CF-RAY: 63c45685fdcd4e26-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 07 Apr 2021 15:37:34 GMT
Server: Apache/2.2.22 (@RELEASE@)
X-Powered-By: PHP/5.3.3
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22a04379c113f8f3551c67dc0d17cd398f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22196.240.57.220%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A114%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1617809854%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D70441af10e6e70bee244008f3c021bec; expires=Wed, 07-Apr-2021 17:37:34 GMT; path=/ gg_token=9abf25c627cd8417810a3b6e5cd171b1606dd1be4dc284.47594823; expires=Tue, 06-Jul-2021 15:37:34 GMT; path=/; domain=.gg.gg
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 07 Apr 2021 15:37:34 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 184001-254390677486717.js Show response
js-sec.indexww.com/ht/p/ 97 KB
30 KB 548ms
530ms Script
text/javascript 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://js-sec.indexww.com/ht/p/184001-254390677486717.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6e7f260d42f20a8c10a9164bf18e481cb86b19414a85c8ecfdfc356db67dc830

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Apr 2021 15:35:54 GMT
Server: Apache
ETag: "762219-18435-5bf63afbba8c4"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 30491
Expires: Wed, 07 Apr 2021 16:37:35 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159420/2902/ 264 KB
82 KB 106ms
45ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159420/2902/pwt.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2617e2047beff3b41cb0a90815bbfe010584e05eeabdabc0264d3b0a9bb08cc8

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 22:14:03 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10e13fd-41eb3-5bef08c962825"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=144641
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 82838
Expires: Fri, 09 Apr 2021 07:48:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 59 KB
20 KB 102ms
36ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

3faa58f000c8912b721281935f5f834db7937db4b8521a642bb769544b2b140b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "835 / 203 of 1000 / last-modified: 1617794734"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20373
x-xss-protection: 0
expires: Wed, 07 Apr 2021 15:37:34 GMT

GET
H2 200 yourbow_prebid.js Show response
client.paltalk.com/ 286 KB
88 KB 117ms
55ms Script
text/javascript 104.16.125.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.paltalk.com/yourbow_prebid.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.125.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b97edae23057a78d0ac1f7de2a0a9477293488f1cf2697d1bcfc5a99e18425

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Mar 2021 01:30:23 GMT
server: cloudflare
age: 1265
etag: W/"a4680-477cb-5bd107e8009c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 63c45687efe91f95-AMS
cf-request-id: 094e9468f200001f954bbc5000000001
expires: Wed, 07 Apr 2021 15:21:29 GMT

GET
H2 200 Roboto.css
www.palassets.com/fonts/ 1 KB
357 B 57ms
29ms Stylesheet
text/css 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto.css
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68404016d87510778a33fda4091e5574ce7bba6e5bc7e1b2c6b979004a6f145

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 281
cf-polished: origSize=1296
cf-request-id: 094e9468bf00004a7392a05000000001
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
etag: W/"510-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456879f534a73-FRA
cf-bgj: minify

GET
H2 200 pt-base.css
www.palassets.com/web/responsive/css/ 31 KB
5 KB 55ms
28ms Stylesheet
text/css 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d69af8876700039c1ba7a45ff7c32fb7be447e8e3dac42ee20a934be93e4bba

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
cf-polished: origSize=31742
cf-request-id: 094e9468bf00004a733f0b1000000001
last-modified: Wed, 25 Sep 2019 14:43:44 GMT
server: cloudflare
etag: W/"7bfe-59361ae018800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456879f584a73-FRA
cf-bgj: minify

GET
H2 200 jquery-1.11.3.min.js Show response
www.palassets.com/lib/ 94 KB
33 KB 50ms
22ms Script
text/javascript 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/lib/jquery-1.11.3.min.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 263
content-length: 33279
cf-request-id: 094e9468bf00004a735f089000000001
last-modified: Wed, 08 Feb 2017 06:22:44 GMT
server: cloudflare
etag: "176d5-547fee479b500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=307182145
accept-ranges: bytes
cf-ray: 63c456879f5b4a73-FRA
expires: Tue, 31 Dec 2030 23:59:59 GMT

GET
H2 200 pxrec.js Show response
www.palassets.com/web/new0312/js/ 9 KB
3 KB 49ms
22ms Script
text/javascript 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/web/new0312/js/pxrec.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56835ac2753b2e0301d60e51917027396b06ae61cfbcb718f58c12d4a378e629

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 141
cf-polished: origSize=13350
cf-request-id: 094e9468c100004a732a989000000001
last-modified: Fri, 22 Dec 2017 09:40:32 GMT
server: cloudflare
etag: W/"3426-560ea9b8ee400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456879f5e4a73-FRA
cf-bgj: minify

GET
H2 200 utils-min.js Show response
www.palassets.com/peopleweb/responsive/js/ 23 KB
6 KB 48ms
21ms Script
text/javascript 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/peopleweb/responsive/js/utils-min.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2751954d53fdc886916f14b751fc85c4e246a3055b0d69c0aa03b0e93ed53a60

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 141
content-length: 5994
cf-request-id: 094e9468c000004a732ebf2000000001
last-modified: Thu, 22 Jun 2017 10:50:36 GMT
server: cloudflare
etag: "5a2b-5528a412d3700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=307182145
accept-ranges: bytes
cf-ray: 63c456879f5c4a73-FRA
expires: Tue, 31 Dec 2030 23:59:59 GMT

GET
H2 200 weblaunch.js Show response
www.palassets.com/web/new0312/js/ 5 KB
2 KB 55ms
28ms Script
text/javascript 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/web/new0312/js/weblaunch.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823c9c6d72d1c800d2ca3927bf33aaddbf3070bf73b3b56bceca52ec8330de10

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 113
cf-polished: origSize=6670
cf-request-id: 094e9468c100004a733fb7a000000001
last-modified: Tue, 22 Nov 2016 18:43:26 GMT
server: cloudflare
etag: W/"1a0e-541e825cd8f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456879f614a73-FRA
cf-bgj: minify

GET
H2 200 external.css
www.palassets.com/clientweb/responsive/css/ 4 KB
1 KB 54ms
27ms Stylesheet
text/css 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/clientweb/responsive/css/external.css?v=0628
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616e01de014d20a4509bc2d7bd59ff00c0c563d5971d23d36d63d963accc0615

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 141
cf-polished: origSize=3768
cf-request-id: 094e9468bf00004a733526b000000001
last-modified: Tue, 22 Nov 2016 18:08:19 GMT
server: cloudflare
etag: W/"eb8-541e7a8374ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456879f5a4a73-FRA
cf-bgj: minify

GET
H2 200 ad-300x250.jpg
www.palassets.com/clientweb/responsive/images/external/ 10 KB
11 KB 41ms
41ms Image
image/webp 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/clientweb/responsive/images/external/ad-300x250.jpg
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe1065230b5e42f5af8905d804c90682a966a547fd7dc997023ae7a9414e6918

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
cf-cache-status: HIT
age: 65631
cf-polished: qual=85, origFmt=jpeg, origSize=28631
content-disposition: inline; filename="ad-300x250.webp"
content-length: 10604
cf-request-id: 094e946a2100004a734d8bc000000001
last-modified: Tue, 22 Nov 2016 18:08:19 GMT
server: cloudflare
etag: "6fd7-541e7a8374ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 08 Apr 2022 15:37:35 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 63c45689cd594a73-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 115ms
52ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=93331313f563431313f5334383&cid=843&s=paltalk.com&ip=196.240.57.220&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&p=CLIENT_EXTERNAL_URL
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Apr 2021 18:37:47 GMT
server: cloudflare
age: 5179
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 63c4568a9a240ba5-AMS
content-length: 1146
cf-request-id: 094e946a9e00000ba524253000000001
expires: Wed, 07 Apr 2021 17:37:35 GMT

GET
H2 200 login.css
www.palassets.com/web/responsive/css/ 9 KB
2 KB 19ms
19ms Stylesheet
text/css 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/web/responsive/css/login.css?v=0628
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1e149e53984e636fc289ef15b23338537a33ba955c86b0e82e539fe1254a42

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 140
cf-polished: origSize=9013
cf-request-id: 094e94694400004a737e00c000000001
last-modified: Thu, 22 Jun 2017 10:48:10 GMT
server: cloudflare
etag: W/"2335-5528a38796e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c4568869b14a73-FRA
cf-bgj: minify

GET
H2 200 login-modal.js Show response
www.palassets.com/web/responsive/js/ 4 KB
1 KB 31ms
30ms Script
text/javascript 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/web/responsive/js/login-modal.js?v=0628
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2507b679c0012ad9e1d5311602fb16e61cf514231c37eeaeae8cce08df92a0f

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 140
cf-polished: origSize=7370
cf-request-id: 094e94695700004a731d924000000001
last-modified: Thu, 22 Dec 2016 08:39:08 GMT
server: cloudflare
etag: W/"1cca-5443b33e5a300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182145
cf-ray: 63c456888a004a73-FRA
cf-bgj: minify

GET
H2 200 pt-base.js Show response
www.paltalk.com/responsive/js/ 9 KB
3 KB 67ms
56ms Script
text/javascript 104.16.125.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paltalk.com/responsive/js/pt-base.js?v=2972625251
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.125.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295aeade3d8e1ff891610d33487e6b07dd85c9bfa50b7a9bf8bad1386d3ce8a2

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 06:38:24 GMT
server: cloudflare
age: 232
etag: W/"1c1106-22ff-5bcc454b03800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 63c45688ea651f95-AMS
cf-request-id: 094e94699300001f95963db000000001
expires: Wed, 07 Apr 2021 19:37:34 GMT

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 68ms
52ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

HTTP/1.1

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 07 Apr 2021 15:37:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16397456148590585425
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 16505
X-XSS-Protection: 0
Expires: Wed, 07 Apr 2021 15:37:34 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 16ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JAEaYPmlzGBPWdORjSAaYw==
age: 6948
vary: Accept-Encoding
content-length: 5617
cf-request-id: 094e946a0f000016ee53acd000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:23 GMT
server: cloudflare
etag: 0x8D8F2581726E85D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0c6caa1d-301e-00dd-7e1e-278b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c45689b84e16ee-FRA

GET rid
match.adsrvr.org/track/ 0
0

GET identity
api.rlcdn.com/api/ 0
0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fclient.paltalk.com%2F&domain=client.paltalk.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://client.paltalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: http://client.paltalk.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1487
date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fclient.paltalk.com%2F&domain=client.paltalk.com&cw=1
https://mug.criteo.com/sid?cpp=kPrt43xpcnFvdVBZeUljWFB6N1g3OVdHb2t5Q1NHaHlnaElRc0hNdkFIQlZGcmhlQ2owOGU5TDBLN21kVU8ydXo5UGI0MzkrR0tlcHZPamY0NnZoSlIrSVg5d1lIMis2RWtJK2ZEeXo1ZU92VTQ5ZEExbjlUR1dqZ0tTd1...

350 B
629 B

110ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kPrt43xpcnFvdVBZeUljWFB6N1g3OVdHb2t5Q1NHaHlnaElRc0hNdkFIQlZGcmhlQ2owOGU5TDBLN21kVU8ydXo5UGI0MzkrR0tlcHZPamY0NnZoSlIrSVg5d1lIMis2RWtJK2ZEeXo1ZU92VTQ5ZEExbjlUR1dqZ0tTd1d5dVkxdkVtelNJTlRxVHl0RmZZaEEvcG5IeWF4MndpVjFKOHdBKzg0eFg1UkdML095ZTM4akE2WnZ4aTl4K0FRamVpM2F2czhoWjNCT2N4MEdwNkx3cWN6YUJNVC96UUp1VVdRTDVsWDRWQk5OU0JvbENzPXw&cppv=2

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

48f43fdb20eb8ab9c4b82b72f5466b66792ced60a4ce8059c328b449eb6994f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 07 Apr 2021 15:37:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2147
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 07 Apr 2021 15:37:34 GMT
location: https://mug.criteo.com/sid?cpp=kPrt43xpcnFvdVBZeUljWFB6N1g3OVdHb2t5Q1NHaHlnaElRc0hNdkFIQlZGcmhlQ2owOGU5TDBLN21kVU8ydXo5UGI0MzkrR0tlcHZPamY0NnZoSlIrSVg5d1lIMis2RWtJK2ZEeXo1ZU92VTQ5ZEExbjlUR1dqZ0tTd1d5dVkxdkVtelNJTlRxVHl0RmZZaEEvcG5IeWF4MndpVjFKOHdBKzg0eFg1UkdML095ZTM4akE2WnZ4aTl4K0FRamVpM2F2czhoWjNCT2N4MEdwNkx3cWN6YUJNVC96UUp1VVdRTDVsWDRWQk5OU0JvbENzPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://client.paltalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1729
content-length: 482
expires: 0

GET
H3-Q050 200 pubads_impl_2021040501.js Show response
securepubads.g.doubleclick.net/gpt/ 294 KB
104 KB 88ms
50ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060697

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

6afdb4c99349e317ab25f9be5c0b6819b3910df88259f171bd36cf31c66d73c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 08:36:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105885
x-xss-protection: 0
expires: Wed, 07 Apr 2021 15:37:35 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 112ms
37ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 974
date: Wed, 07 Apr 2021 15:37:34 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 68ms
52ms Script
application/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 22:11:28 GMT
Content-Encoding: gzip
Age: 62767
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Timing-Allow-Origin: *
Server: Server
ETag: 9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-amz-version-id: GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
Via: 1.1 8e528c903e305db7d4b0107d87c91a60.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: d5e4-3NRhwaLIwFHGlSXYnWlaz3_HHuoBoN7kNATCnb5cEqlXNcwjw==

GET
H2

200

j.php Show response
dev.visualwebsiteoptimizer.com/
Redirect Chain

http://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
https://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146

6 KB
3 KB

230ms
106ms

Script
application/javascript

34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 5a294e8efba0a3ea63b58d8146163b6a1e10e23e0049000e1231072dd4a87931

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 15:37:34 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

Redirect headers

Location: https://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
Date: Wed, 07 Apr 2021 15:37:34 GMT
Via: 1.1 google
server: gfra1
Timing-Allow-Origin: *
Content-Length: 166
Content-Type: text/html

GET
H/1.1 200
OK 802acd0c2.js Show response
cdn01.smartling.com/ls/ 18 KB
6 KB 245ms
222ms Script
application/javascript 204.236.224.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn01.smartling.com/ls/802acd0c2.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Server: 204.236.224.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-204-236-224-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c143a6c942faf2017d3e449c0f1684bbd16a1dd6a1352c296ae3c68ff7c667ab

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 07 Apr 2021 15:37:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:42:02 GMT
Server: nginx
ETag: W/"5ebad1da-480f"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 77ms
62ms XHR
application/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 06:48:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 31732
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 07 Apr 2021 05:49:36 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
Via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: HAM50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: NzmBqBwKVTVVUWpfrDAaSnhcM2-vc4Ph8gWNYw9tmaCLU8B7nJJZng==

GET
H2 200 paltalk_logo.svg
www.palassets.com/web/responsive/images/ 5 KB
2 KB 15ms
13ms Image
image/svg+xml 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/web/responsive/images/paltalk_logo.svg
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8f1d3a2953ab09cba55eccbfb7155eee5476dace4eb3ba4a8dc457de5104384

Request headers

Referer: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:43:52 GMT
server: cloudflare
age: 65739
etag: W/"1233-541e8275a4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e18f14a73-FRA
cf-request-id: 094e946ccf00004a738d0a8000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 menu.svg
www.palassets.com/web/responsive/images/ 2 KB
805 B 15ms
14ms Image
image/svg+xml 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/web/responsive/images/menu.svg
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781314fd695ede71d5e67b0442d8d6d97807bb99749644e95e8b4f376aa0cbe9

Request headers

Referer: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:43:52 GMT
server: cloudflare
age: 65737
etag: W/"698-541e8275a4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e18f24a73-FRA
cf-request-id: 094e946ccf00004a7352a31000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 Roboto-Regular.woff
www.palassets.com/fonts/Roboto/ 29 KB
29 KB 57ms
33ms Font
application/octet-stream 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto/Roboto-Regular.woff
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/fonts/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4224ab484df78e7350a91e48d2608fcf494bea8d0f30866d8d74e7dfa83c5dd0

Request headers

Origin: http://client.paltalk.com
Referer: https://www.palassets.com/fonts/Roboto.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
age: 65937
etag: W/"7364-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e3bffdfbb-FRA
cf-request-id: 094e946ce80000dfbbfdb53000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 notification_icon.png
www.palassets.com/clientweb/responsive/images/external/ 644 B
981 B 14ms
13ms Image
image/webp 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/clientweb/responsive/images/external/notification_icon.png
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/clientweb/responsive/css/external.css?v=0628
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21837e4a7f42af6d935cac1ebf5bd2748faab9f1f38ef8a10dab5f8e608bbc13

Request headers

Referer: https://www.palassets.com/clientweb/responsive/css/external.css?v=0628
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
cf-cache-status: HIT
age: 4743
cf-polished: origFmt=png, origSize=1271
content-disposition: inline; filename="notification_icon.webp"
content-length: 644
cf-request-id: 094e946cfb00004a7345084000000001
last-modified: Tue, 22 Nov 2016 18:08:19 GMT
server: cloudflare
etag: "4f7-541e7a8374ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182144
accept-ranges: bytes
cf-ray: 63c4568e59a94a73-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Roboto-Thin.woff
www.palassets.com/fonts/Roboto/ 29 KB
29 KB 24ms
23ms Font
application/octet-stream 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto/Roboto-Thin.woff
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/fonts/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08fed0adcc0983f5138ef86f105e4e57f57493d3da4d8337024a7f25cbfacb59

Request headers

Origin: http://client.paltalk.com
Referer: https://www.palassets.com/fonts/Roboto.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
age: 65937
etag: W/"7564-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e5c4bdfbb-FRA
cf-request-id: 094e946cfd0000dfbb098d3000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 Roboto-Medium.woff
www.palassets.com/fonts/Roboto/ 29 KB
30 KB 22ms
22ms Font
application/octet-stream 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto/Roboto-Medium.woff
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/fonts/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c947f69494f9ad4b2db1e2bb26acebca4d78b5c0edfcf81a4c6166ebd71257

Request headers

Origin: http://client.paltalk.com
Referer: https://www.palassets.com/fonts/Roboto.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
age: 65937
etag: W/"75c8-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e5c4edfbb-FRA
cf-request-id: 094e946cfb0000dfbb0c83e000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
416 B 103ms
43ms XHR
text/javascript 184.31.84.150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=184725&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A72141877%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22186836%22%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/184001-254390677486717.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90e61304cb686a145cd7776b9abbe88f0bbb94da60c1d4509827de722fb28c2d

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[BE], CN:[EU], CIP:[196.240.57.220], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: http://client.paltalk.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Wed, 07 Apr 2021 15:37:35 GMT

GET
H2 200 language-icon.svg
www.palassets.com/web/responsive/images/ 2 KB
1019 B 13ms
12ms Image
image/svg+xml 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/web/responsive/images/language-icon.svg
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299968b14069d2be29992e13c73eeb57e5de1e7b275cb4ef536123507d855de9

Request headers

Referer: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:43:52 GMT
server: cloudflare
age: 65737
etag: W/"8b3-541e8275a4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e9a334a73-FRA
cf-request-id: 094e946d1a00004a7318b48000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H2 200 lang-dropdown.png
www.palassets.com/web/responsive/images/ 206 B
368 B 13ms
12ms Image
image/webp 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.palassets.com/web/responsive/images/lang-dropdown.png
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1196a627110c45b515d57c91e5100d46af8f08e70b6658a0b125580192cae56

Request headers

Referer: https://www.palassets.com/web/responsive/css/pt-base.css?v=290519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
cf-cache-status: HIT
age: 7051
cf-polished: origFmt=png, origSize=1141
content-disposition: inline; filename="lang-dropdown.webp"
content-length: 206
cf-request-id: 094e946d1a00004a733fbef000000001
last-modified: Tue, 22 Nov 2016 18:43:52 GMT
server: cloudflare
etag: "475-541e8275a4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 31 Dec 2030 23:59:59 GMT
cache-control: public, max-age=307182144
accept-ranges: bytes
cf-ray: 63c4568e9a374a73-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Roboto-Light.woff
www.palassets.com/fonts/Roboto/ 29 KB
29 KB 15ms
15ms Font
application/octet-stream 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto/Roboto-Light.woff
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/fonts/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa26d78b006b59544426bea90993340b19b904804a00cff005ff21352a25835

Request headers

Origin: http://client.paltalk.com
Referer: https://www.palassets.com/fonts/Roboto.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
age: 65937
etag: W/"7568-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c4568e9caedfbb-FRA
cf-request-id: 094e946d1a0000dfbb229ef000000001
expires: Fri, 08 Apr 2022 15:37:35 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 14ms
6ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:35 GMT
Content-Encoding: gzip
Etag: "YoFsxqR3BwPygbSjh02Dug=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 14 Apr 2021 15:37:35 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6890
date: Wed, 07 Apr 2021 13:42:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 07 Apr 2021 15:42:45 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070936763/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070936763/?random=1617809855812&cv=9&fst=1617809855812&num=1&label=_QV1CNfZ7BQQu-XU_gM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&tiba=Chat%20Room%20Member%20on%20Paltalk&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ab37e739d7c8a20025fc0a3a307a64531c4831004824695b7c848547c686264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c2a7e04e-15f9-4d92-bf41-a0bae4676bc7.json Show response
cdn.cookielaw.org/consent/c2a7e04e-15f9-4d92-bf41-a0bae4676bc7/ 3 KB
2 KB 33ms
33ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c2a7e04e-15f9-4d92-bf41-a0bae4676bc7/c2a7e04e-15f9-4d92-bf41-a0bae4676bc7.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb883a5ea14f82786b9474b9ee90a74f44596ee08bc73fdbf89a38cfcb1b7c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SjqQHBIMhoFovEKcB2vthQ==
age: 3613
vary: Accept-Encoding
content-length: 1283
cf-request-id: 094e946d5000001f21deac8000000001
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jan 2021 00:09:14 GMT
server: cloudflare
etag: 0x8D8B2A077B24A55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bf3dc226-401e-00d2-3432-0466be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c4568eefd61f21-FRA

GET
H2 200 hsvqLikO3uPCv8gl3N56JFd8b9uXkqowIBcvjXSoVoiNZtT5AUz_0WcT_J9bq8XZgVoAX6zkic1nNjlOn47tuIn564kB-TxAokaDxw Show response
obscenesidewalk.com/v2/0/ 103 KB
30 KB 122ms
42ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://obscenesidewalk.com/v2/0/hsvqLikO3uPCv8gl3N56JFd8b9uXkqowIBcvjXSoVoiNZtT5AUz_0WcT_J9bq8XZgVoAX6zkic1nNjlOn47tuIn564kB-TxAokaDxw

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

87327faa5881d79639a7fb978d0d42a80f23ac91eece231d70a3ac0b75cd8ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e83457c2d851a18b5cd29856e831569e120817239713db92c67f4b0fd066fae3"
vary: Accept-Encoding, Accept-Language
x-hostname: 30624aca
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 07 Apr 2021 15:37:35 GMT
timing-allow-origin: *

GET
H/1.1 200
OK flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 57ms
41ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.yabidos.com/flimpobj.js?cb=1617809855801&ver1=2.2.3&qid=93331313f563431313f5334383&rnd=68h0grdcsziu&cid=843
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=93331313f563431313f5334383&cid=843&s=paltalk.com&ip=196.240.57.220&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&p=CLIENT_EXTERNAL_URL
Protocol: HTTP/1.1
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 02 Apr 2021 18:37:47 GMT
Server: cloudflare
Age: 4969
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 63c4568f2f28d125-TXL
Content-Length: 23972
cf-request-id: 094e946d7e0000d1250e82d000000001
Expires: Wed, 07 Apr 2021 17:37:35 GMT

GET
H3-Q050 200 va-9d6ac57dbcbba3321dd904e6ee78b647.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 210 KB
60 KB 61ms
31ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: http://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6f3e3a82eb9581544ef9139b9db92186ef0b4e9c2f0746ea4f917a1023b52448

Request headers

Origin: http://client.paltalk.com
Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: br
last-modified: Wed, 07 Apr 2021 10:46:23 GMT
server: gfra1
etag: "606d8d7f-ef63"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61283
via: 1.1 google

GET
H3-Q050 200 track-9d6ac57dbcbba3321dd904e6ee78b647.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 11 KB
4 KB 62ms
31ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: http://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 10b73ad16cd524d6e5b81f5a4bc5542c98fb32d9d105a79298ece5ec19190d76

Request headers

Origin: http://client.paltalk.com
Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: br
last-modified: Wed, 07 Apr 2021 10:46:23 GMT
server: gfra1
etag: "606d8d7f-dd9"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3545
via: 1.1 google

GET
H3-Q050 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 93 KB
24 KB 63ms
32ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: http://dev.visualwebsiteoptimizer.com/j.php?a=274377&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&r=0.6648965484681146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d466418d4c7182eb70a73da834678c1c36ce029f68658c19abddedc305a2d0dc

Request headers

Origin: http://client.paltalk.com
Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: br
last-modified: Wed, 07 Apr 2021 10:46:18 GMT
server: gfra1
etag: "606d8d7a-5ff9"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24569
via: 1.1 google

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 152ms
121ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=274377&d=client.paltalk.com&u=D40D8788DB1271EDB7BD116A811B91012&h=8418e761be8c53349985402e35342fc7&t=false&r=0.5329151232775478

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2

200

rules-p-91mBChr87YHGg.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-91mBChr87YHGg.js
https://rules.quantcount.com/rules-p-91mBChr87YHGg.js

3 B
358 B

46ms
15ms

Script
application/x-javascript

2600:9000:2093:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-91mBChr87YHGg.js
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 00:43:03 GMT
via: 1.1 a6e1678aced1951bb094538ec62256f5.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:14:50 GMT
server: AmazonS3
age: 53673
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: _gBJClEO-N-XPC922QAIwztFhAI6Wi1-1qK3w2h13roxkoGEylFRKQ==

Redirect headers

Date: Wed, 07 Apr 2021 15:37:35 GMT
Via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: HAM50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-91mBChr87YHGg.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: o08HJ9InwaxZmmwyyj7-6jfyXLaDOwf-sTjniyN8vmaiXV22A8Eh-g==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070936763/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070936763/?random=1617809855812&cv=9&fst=1617807600000&num=1&label=_QV1CNfZ7BQQu-XU_gM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&tiba=Chat%20Room%20Member%20on%20Paltalk&fmt=3&is_vtc=1&random=1072973095&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070936763/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070936763/?random=1617809855812&cv=9&fst=1617807600000&num=1&label=_QV1CNfZ7BQQu-XU_gM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&tiba=Chat%20Room%20Member%20on%20Paltalk&fmt=3&is_vtc=1&random=1072973095&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=558986582&utmhn=client.paltalk.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Cha...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=558986582&utmhn=client.paltalk.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ch...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582&slf_rd=1&random=1718259624

42 B
483 B

58ms
44ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582&slf_rd=1&random=1718259624

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1854096-1&cid=1133320645.1617809856&jid=1602933645&_v=5.7.2&z=558986582&slf_rd=1&random=1718259624
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
362 B 27ms
26ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 63c4568f2ab64a5b-FRA
cf-request-id: 094e946d7c00004a5b1abad000000001

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 145ms
72ms XHR
text/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&pid=ENeQonAXF0vFe&cb=0&ws=1600x1200&v=7.61.00&t=900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94836359%2Fpaltalk_client_exit300x250%22%7D%5D&cfgv=0&pubid=4f573225-faea-40e4-af7d-9d0bbbae64a1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
via: 1.1 34b26b9570d823536072a91c564a4d8d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://client.paltalk.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: seVg6BY1BhQ150V0Spw1VI2U0FG7H5LeyrJCo8RGYLlSIHUZSyXyFA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 144ms
80ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c9d0c39162d12685d96c068609f2b9bb24016afee5c24b3e1bac2b523e30e4e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:36 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.52:80
AN-X-Request-Uuid: 6e11fce2-7721-4645-b21f-6c4ab8f62b2e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://client.paltalk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 215ms
153ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

04d722bb3478971c60277d1952a52bc72da00ee75e56d0b02707e816947da277

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:36 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.51:80
AN-X-Request-Uuid: a913afa6-8f71-496e-8daf-ac1de092fcca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://client.paltalk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
yourbow-d.openx.net/w/1.0/ 173 B
562 B 116ms
43ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yourbow-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=101402aa-4948-4257-bead-867679482818&nocache=1617809855882&pubcid=8e80e5fb-fd4c-48a2-b633-6d7b69644dcb&aus=300x250&divIds=div-gpt-ad-1506022300747-0&auid=541018073
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 6204bcefd4592f2b8dedecdd779ca27fc3e09b7fbb7aae5751edcfeaf305ef56

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
server: OXGW/16.205.50
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://client.paltalk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
428 B 62ms
26ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Apr 2021 15:37:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://client.paltalk.com
access-control-allow-credentials: true
cf-ray: 63c4568f9a3e2685-TXL
access-control-allow-headers: Content-Type, Origin
cf-request-id: 094e946dc00000268550902000000001

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 140ms
39ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=313814&zone_id=1599194&size_id=15&eid_pubcid.org=8e80e5fb-fd4c-48a2-b633-6d7b69644dcb%5E1&rf=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&tk_flint=pbjs_lite_v4.29.0&x_source.tid=101402aa-4948-4257-bead-867679482818&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.45212338185440903
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 37d58ea1bb80f1085e3924206d3fd513f2efc4c6aba9b9f258602d777ec323e0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:36 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://client.paltalk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 hb Show response
brightcombid.marphezis.com/ 0
115 B 355ms
118ms XHR
text/plain 34.228.125.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcombid.marphezis.com/hb
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.125.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-125-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://client.paltalk.com
date: Wed, 07 Apr 2021 15:37:36 GMT
access-control-allow-credentials: true
server: nginx

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 123ms
66ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://client.paltalk.com
date: Wed, 07 Apr 2021 15:37:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 c Show response
prebid.a-mo.net/a/ 741 B
738 B 327ms
109ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e2e6e7ccfb926d127cc925263fc8b9058b49b5b9d966acd1e192bc2c24b87b35

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://client.paltalk.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 307

GET
H/1.1 204 hb Show response
dsp.bnmla.com/ 0
193 B 358ms
119ms XHR
text/plain 38.27.122.36
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.bnmla.com/hb?&zoneid=1000321&br=%7B%22id%22%3A%2217124df13b1a91b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22185a6afcbbe0e5e%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22bidfloor%22%3A%221.00%22%7D%5D%2C%22site%22%3A%7B%22domain%22%3A%22client.paltalk.com%22%2C%22page%22%3A%22%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com%22%7D%2C%22device%22%3A%7B%22geo%22%3A%7B%22lat%22%3A%22%22%2C%22log%22%3A%22%22%7D%2C%22ifa%22%3A%22%22%7D%7D
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.36 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://client.paltalk.com
Date: Wed, 07 Apr 2021 15:37:36 GMT
Access-Control-Allow-Credentials: true
Server: openresty
Connection: keep-alive

POST
H/1.1 200
OK auction Show response
x.yieldlift.com/ 2 KB
913 B 622ms
249ms XHR
application/json 18.211.21.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.yieldlift.com/auction
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.21.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-21-136.compute-1.amazonaws.com
Software: /
Resource Hash: d0c284988ae9e662ebe397a61cefb85264195065f9cf467c133afa6c81b9d652

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json;charset=utf-8
access-control-allow-origin: http://client.paltalk.com
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 575
Expires: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
315 B 92ms
33ms XHR
text/plain 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=184725&u=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&v=3
Requested by: Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/184001-254390677486717.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:35 GMT
Server: Apache
Access-Control-Allow-Origin: http://client.paltalk.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 07 Apr 2021 15:37:35 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 27ms
27ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 11681621
vary: Accept-Encoding
content-length: 79698
cf-request-id: 094e946da3000016ee5fad8000000001
x-ms-lease-status: unlocked
last-modified: Mon, 23 Nov 2020 02:33:28 GMT
server: cloudflare
etag: 0x8D88F582961DDDE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f098869-501e-00cd-4b85-c1bdae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c4568f6c0716ee-FRA
expires: Thu, 15 Apr 2021 15:37:35 GMT

GET
H/1.1 200
OK nflrc.gif
pre.glotgrx.com/ 26 B
607 B 30ms
23ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/nflrc.gif?cb=1617809855922578&ver=1.2r81&qid=93331313f563431313f5334383&p=CLIENT_EXTERNAL_URL&s=paltalk.com&x=&cid=843&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=68h0grdcsziu&impid=&tps=41&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&ip=196.240.57.220&1=ee77c0c034c348ee32ba3530edecd876&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%221380%22}&ats=1600x1200&atf=&dbgcid=843&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=102&icp=http%253A//client.paltalk.com/client/webapp/client/External.wmt%253Furlfl_eq843http%253A//xtralinq.com&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-19-s-fl-11-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-ip-fl-14-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=20
Requested by: Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com
Protocol: HTTP/1.1
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:36 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 02 Apr 2021 18:37:38 GMT
Server: cloudflare
Age: 1911
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 63c4568ffe184e79-FRA
Content-Length: 26
cf-request-id: 094e946dfb00004e79e930c000000001
Expires: Wed, 07 Apr 2021 17:37:36 GMT

GET
H3-Q050 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 29ms
29ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: br
last-modified: Wed, 07 Apr 2021 10:46:18 GMT
server: gfra1
etag: "606d8d7a-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/c2a7e04e-15f9-4d92-bf41-a0bae4676bc7/4343a4fd-b0e6-4506-90ed-d917377f3458/ 92 KB
20 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c2a7e04e-15f9-4d92-bf41-a0bae4676bc7/4343a4fd-b0e6-4506-90ed-d917377f3458/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349aee223a61f75bba31ca123d694dda7a22d2cbf2887a0b4417dcfda314606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BdB5Bf1tNTZEimyh6Z4AJw==
age: 2148
vary: Accept-Encoding
content-length: 19745
cf-request-id: 094e946e3a00001f211f99f000000001
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jan 2021 00:09:30 GMT
server: cloudflare
etag: 0x8D8B2A080E8735F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 58ecc23d-a01e-009c-7094-e4a35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c456905a861f21-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 239 KB
33 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9725994b7082e43e5bc686ccaac9891268bc5b1cc010d10db15116feaaf084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2lXsdbaroNvnMSOS2mXapg==
age: 4025
vary: Accept-Encoding
content-length: 33796
cf-request-id: 094e946e3a00001f21c72b4000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 13:00:02 GMT
server: cloudflare
etag: 0x8D8F9C50EEF1FDB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dce3f511-101e-0085-3dba-2b8f33000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c456905a8c1f21-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 67 KB
15 KB 50ms
50ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iXlp8PB9nD0YCMZBaEfbOQ==
age: 11078009
vary: Accept-Encoding
content-length: 14815
cf-request-id: 094e946e51000016eed83e0000000001
x-ms-lease-status: unlocked
last-modified: Wed, 25 Nov 2020 13:40:17 GMT
server: cloudflare
etag: 0x8D89147A5573749
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b7e86ec6-c01e-0026-6902-c74352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c456906edc16ee-FRA
expires: Thu, 15 Apr 2021 15:37:36 GMT

GET
H/1.1 200
OK / Show response
cookies.onetrust.mgr.consensu.org/ Frame F3CA 2 KB
1 KB 13ms
6ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cookies.onetrust.mgr.consensu.org/?name=euconsent-v2&value=&expire=0&isFirstRequest=true
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: HTTP/1.1
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F13) /
Resource Hash: 2f61046e097d23f9c445ffbdb7cebae9e6d8bab5c8627a911473e4bfe3e3a809

Request headers

Host: cookies.onetrust.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://client.paltalk.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

Content-Encoding: gzip
Age: 460770
Content-Type: text/html
Date: Wed, 07 Apr 2021 15:37:36 GMT
Etag: "603dd66c-908+gzip"
Last-Modified: Tue, 02 Mar 2021 06:08:44 GMT
Server: ECAcc (frc/8F13)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 931

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
4 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 2024174
vary: Accept-Encoding
content-length: 3329
cf-request-id: 094e946ea500001f21c72ba000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2a38b021-801e-004c-795b-191ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c456910bc01f21-FRA
expires: Thu, 15 Apr 2021 15:37:36 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 46 KB
11 KB 22ms
21ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ydfMbMpHX/N/aS5YhkXXwQ==
age: 2024174
vary: Accept-Encoding
content-length: 11336
cf-request-id: 094e946ea500001f21c1325000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D89735220FDD9F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b513578b-f01e-0103-2b5b-199db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63c456910bc41f21-FRA
expires: Thu, 15 Apr 2021 15:37:36 GMT

POST error
quantcount.com/log/ 0
0

GET
H2

200

pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan=1;fpa=P0-1703372353-1617809...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan...
https://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpa...

35 B
373 B

23ms
8ms

Image
image/gif

2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan=1;fpa=P0-1703372353-1617809856018;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=paltalk.com;je=0;sr=1600x1200x24;dst=1;et=1617809856018;tzo=-120;ogl=type.activity%2Cimage.http%3A%2F%2Fwww%252Epaltalk%252Ecom%2Fen%2Fimages%2Fpaltalk%252Ejpg%2Cdescription.Browse%20and%20search%20thousands%20of%20free%20chat%20rooms%20to%20video%20chat%252C%20and%20IM%252E%20Looking%20fo

Requested by

Host: client.paltalk.com
URL: http://client.paltalk.com/client/webapp/client/External.wmt?url=http%3A%2F%2Fxtralinq.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=373009946;rf=0;a=p-91mBChr87YHGg;url=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com;uht=2;fpan=1;fpa=P0-1703372353-1617809856018;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=paltalk.com;je=0;sr=1600x1200x24;dst=1;et=1617809856018;tzo=-120;ogl=type.activity%2Cimage.http%3A%2F%2Fwww%252Epaltalk%252Ecom%2Fen%2Fimages%2Fpaltalk%252Ejpg%2Cdescription.Browse%20and%20search%20thousands%20of%20free%20chat%20rooms%20to%20video%20chat%252C%20and%20IM%252E%20Looking%20fo
Date: Wed, 07 Apr 2021 15:37:36 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Thu, 08 Apr 2021 15:37:36 GMT

GET
H/1.1 200
OK Bhbul Show response
ad.doubleclick.net/ddm/adj/Bcprcu/ 11 B
629 B 64ms
47ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.doubleclick.net/ddm/adj/Bcprcu/Bhbul

Requested by

Host: obscenesidewalk.com
URL: https://obscenesidewalk.com/v2/0/hsvqLikO3uPCv8gl3N56JFd8b9uXkqowIBcvjXSoVoiNZtT5AUz_0WcT_J9bq8XZgVoAX6zkic1nNjlOn47tuIn564kB-TxAokaDxw

Protocol

HTTP/1.1

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 31
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST error
quantcount.com/log/ 0
0

GET
H2 200 Roboto-Bold.woff
www.palassets.com/fonts/Roboto/ 29 KB
29 KB 22ms
21ms Font
application/octet-stream 2606:4700::6810:cc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.palassets.com/fonts/Roboto/Roboto-Bold.woff
Requested by: Host: www.palassets.com
URL: https://www.palassets.com/fonts/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b725c00301e9f1abadb3ede25b0803d4baff120371fc951e9f1bb39496cb4d8

Request headers

Origin: http://client.paltalk.com
Referer: https://www.palassets.com/fonts/Roboto.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 18:26:05 GMT
server: cloudflare
age: 43170
etag: W/"743c-541e7e7c12940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31622400
cf-ray: 63c456918a8adfbb-FRA
cf-request-id: 094e946ef20000dfbb12307000000001
expires: Fri, 08 Apr 2022 15:37:36 GMT

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame B88A 3 KB
2 KB 26ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: obscenesidewalk.com
URL: https://obscenesidewalk.com/v2/0/hsvqLikO3uPCv8gl3N56JFd8b9uXkqowIBcvjXSoVoiNZtT5AUz_0WcT_J9bq8XZgVoAX6zkic1nNjlOn47tuIn564kB-TxAokaDxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://client.paltalk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Thu, 01 Apr 2021 07:32:04 GMT
expires: Fri, 01 Apr 2022 07:32:04 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 547532
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1404 Show response
check.analytics.rlcdn.com/check/ 24 B
389 B 429ms
352ms XHR
application/json 52.222.179.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/1404
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-53.ham50.r.cloudfront.net
Software: /
Resource Hash: 652bff8a8422c643c28e85c881610c09ce8a4dd9c3715654105bb985bdb447cc

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Apr 2021 15:37:36 GMT
via: 1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amzn-requestid: 609e9ed5-6fa3-4c8a-a200-d933fe5c47c1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-606dd1c0-65c0f5134f83fad6246c1e41;Sampled=0
x-amz-apigw-id: da22JE11oAMFsgA=
content-length: 24
x-amz-cf-id: 09SKf9sOOlvB8rZcZmzLB1xnPxZWKr2ySXXxB40975wuCLrsGTQa8A==

POST
H2 200 v2vkgF6cHJK_mkJdoBsSOHY9zeizGJjVSEmlSRZU9QB-UZf7JUm2p0-O2Gw-OsAF7M-0dfl9Wm53Arbr41eQEOAhwa30jUEKfyZwBHqefgg Show response
obscenesidewalk.com/ 216 B
614 B 106ms
38ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://obscenesidewalk.com/v2vkgF6cHJK_mkJdoBsSOHY9zeizGJjVSEmlSRZU9QB-UZf7JUm2p0-O2Gw-OsAF7M-0dfl9Wm53Arbr41eQEOAhwa30jUEKfyZwBHqefgg

Requested by

Host: obscenesidewalk.com
URL: https://obscenesidewalk.com/v2/0/hsvqLikO3uPCv8gl3N56JFd8b9uXkqowIBcvjXSoVoiNZtT5AUz_0WcT_J9bq8XZgVoAX6zkic1nNjlOn47tuIn564kB-TxAokaDxw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

82a220a0c4c7054890ed84c5a578d9bc6a1ed370d6e191328272c47ab650b748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 07 Apr 2021 15:37:36 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://client.paltalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 30624aca
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 07 Apr 2021 15:37:35 GMT

GET
H/1.1 200
OK vbl.gif
pre.glotgrx.com/ 26 B
607 B 13ms
13ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/vbl.gif?cb=1617809856933&rnd=68h0grdcsziu&ifm=0&uai=1&cid=843&s=paltalk.com&p=CLIENT_EXTERNAL_URL&x=&adtg=&ats=1600x1200&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=http%253A//client.paltalk.com/client/webapp/client/External.wmt%253Furlfl_eq843http%253A//xtralinq.com&impid=
Protocol: HTTP/1.1
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:36 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 02 Apr 2021 18:37:38 GMT
Server: cloudflare
Age: 1908
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 63c45695dd6d4e79-FRA
Content-Length: 26
cf-request-id: 094e9471a700004e79f08b5000000001
Expires: Wed, 07 Apr 2021 17:37:36 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E316 38 KB
14 KB 30ms
30ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://client.paltalk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=100406
Expires: Thu, 08 Apr 2021 19:31:07 GMT
Date: Wed, 07 Apr 2021 15:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 d
ic.tynt.com/r/ Frame 4056 0
0 382ms
126ms Document
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://client.paltalk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

server: nginx/1.16.1
date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1

1007 B
863 B

39ms
38ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: aba4f4ffed5951210a4bffe4f25c1fb5de0883fa4282384826aff7228e5d65fc

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://client.paltalk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=5217e0b2-22cf-099f-014d-1502d02d7f52|1617809861
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=5217e0b2-22cf-099f-014d-1502d02d7f52|1617809861; Version=1; Expires=Thu, 07-Apr-2022 15:37:41 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617809861|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 22-Apr-2021 15:37:41 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.50
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 07 Apr 2021 15:37:41 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=5217e0b2-22cf-099f-014d-1502d02d7f52|1617809861; Version=1; Expires=Thu, 07-Apr-2022 15:37:41 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.50
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
date: Wed, 07 Apr 2021 15:37:41 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1968 8 KB
3 KB 53ms
28ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://client.paltalk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=19168
Expires: Wed, 07 Apr 2021 20:57:09 GMT
Date: Wed, 07 Apr 2021 15:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BF6E 52 KB
17 KB 88ms
28ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://client.paltalk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 04 Apr 2021 05:51:42 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 07 Apr 2021 15:37:41 GMT
Age: 35154
X-Served-By: cache-lga21979-LGA, cache-hhn4076-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 564304
X-Timer: S1617809862.610703,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame B401 0
0 24ms
22ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://client.paltalk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
set-cookie: __cfduid=dcb589fd6e59218302d7efc4f1dc67b571617809861; expires=Fri, 07-May-21 15:37:41 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 094e9483ae000026851234c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 63c456b2a8082685-TXL

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C46A 281 B
554 B 100ms
38ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: client.paltalk.com
URL: https://client.paltalk.com/yourbow_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://client.paltalk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://client.paltalk.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Apr 2021 15:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 um
cs.emxdgt.com/ 0
59 B 154ms
31ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:40 GMT
content-length: 0
content-type: text/html

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=index_rtb&uid=YG3Rxb8d2zsg1t4AgLkwXQAA%261152

0
115 B

109ms
109ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=index_rtb&uid=YG3Rxb8d2zsg1t4AgLkwXQAA%261152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=index_rtb&uid=YG3Rxb8d2zsg1t4AgLkwXQAA%261152
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Wed, 07 Apr 2021 15:37:41 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Ded828f76-c748-4618-9125-2ec5f3d2b4a0%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=appnexus&uid=3491064899678107002

0
141 B

109ms
109ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=appnexus&uid=3491064899678107002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:41 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid: cbb4c1e5-6851-4870-8887-31a42b26d90e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=appnexus&uid=3491064899678107002
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=pubmatic&uid=F80370A5-403E-434F-BD07-3C6E7BE0148F

0
120 B

110ms
110ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=pubmatic&uid=F80370A5-403E-434F-BD07-3C6E7BE0148F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy

Redirect headers

Location: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=pubmatic&uid=F80370A5-403E-434F-BD07-3C6E7BE0148F
Date: Wed, 07 Apr 2021 15:37:39 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET rmphb
sync.1rx.io/usersync2/ 0
0

GET
H/1.1

200
OK

setuid
x.yieldlift.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=7704662752386384295

0
574 B

119ms
119ms

Image
application/json

18.211.21.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=7704662752386384295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.21.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-21-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept: application/json
Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: application/json;charset=utf-8

Redirect headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:41 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid: f8e56857-5dcc-43c7-af77-bcb2e40e23c5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=7704662752386384295
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Ded828f76-c748-4618-9125-2ec5f3d2b4a0%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=sovrn&uid=ccc2d6886edc40eff5f4f32f

0
115 B

110ms
109ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=sovrn&uid=ccc2d6886edc40eff5f4f32f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://client.paltalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=ed828f76-c748-4618-9125-2ec5f3d2b4a0&D=&bidder=sovrn&uid=ccc2d6886edc40eff5f4f32f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E316 2 KB
3 KB 118ms
27ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31195565&p=159420&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d1ea75aab2fec41d534c7e4b8f1959bc2c9cc1739a2f6d31eaecc31f401c13e6

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:40 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6B55 38 KB
14 KB 31ms
31ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=100406
Expires: Thu, 08 Apr 2021 19:31:07 GMT
Date: Wed, 07 Apr 2021 15:37:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 157cb9af-1be4-a421-6a4c-cb1f4b5d81e6
pr-bh.ybp.yahoo.com/sync/openx/ Frame 783E 43 B
841 B 100ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/157cb9af-1be4-a421-6a4c-cb1f4b5d81e6?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Se6tNMur1Luafr5

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Se6tNMur1Luafr5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Apr 2021 15:37:41 GMT
Server: PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Se6tNMur1Luafr5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://x.bidswitch.net/sync?dsp_id=59&user_id=1bb40dee-d968-4478-bae7-3f997590686b&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e23eb6bc-ed67-47fa-ad13-a01ef9fa6873

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=e23eb6bc-ed67-47fa-ad13-a01ef9fa6873
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=e23eb6bc-ed67-47fa-ad13-a01ef9fa6873
date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWS1FN0EyNlFBQUNuRGJBdU5SUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHY-E7A26QAACnDbAuNRQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHY-E7A26QAACnDbAuNRQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHY-E7A26QAACnDbAuNRQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHY-E7A26QAACnDbAuNRQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7737864143510333931
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHY-E7A26QAACnDbAuNRQ

43 B
106 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHY-E7A26QAACnDbAuNRQ
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHY-E7A26QAACnDbAuNRQ
Date: Wed, 07 Apr 2021 15:37:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d3e606d-d1c5-4600-8b88-4fed86749405

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d3e606d-d1c5-4600-8b88-4fed86749405
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
Server: MT3 3628 75f709e master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d3e606d-d1c5-4600-8b88-4fed86749405
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 07 Apr 2021 15:37:40 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=7Hy-_L596633db_56Hylrr9-7Pv3Kuqp7S9opH_Q

43 B
122 B

39ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=7Hy-_L596633db_56Hylrr9-7Pv3Kuqp7S9opH_Q
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=7Hy-_L596633db_56Hylrr9-7Pv3Kuqp7S9opH_Q
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4373856313672206149

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4373856313672206149
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4373856313672206149
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 783E 70 B
265 B 148ms
48ms Image
image/gif 108.129.45.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=81bbdfeb-8b48-3668-5b9b-ddeab40a4caf&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.45.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-45-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 783E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm&google_tc=

170 B
201 B

90ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWRkNDBjMjEtNDIzZi02OGNjLTRlN2ItODc1MzdlZTg4MmNm&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 783E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDS9iRgYD7mNBhYs8Ak-jQ8&google_cver=1

43 B
106 B

38ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDS9iRgYD7mNBhYs8Ak-jQ8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=85b814f7-34dd-4a07-a139-4c8ca79cb0bf&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDS9iRgYD7mNBhYs8Ak-jQ8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C46A 31 KB
10 KB 42ms
41ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43915
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9418
Expires: Thu, 08 Apr 2021 03:49:36 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 99BF
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1912652238694062386

42 B
769 B

36ms
27ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1912652238694062386
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31195565&p=159420&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=true; KADUSERCOOKIE=99A9A38A-8E0B-4B46-AE46-12B196EB6758; chkChromeAb67Sec=1; DPSync3=1618963200%3A201_227_226_221; SyncRTB3=1619049600%3A35%7C1618963200%3A220_21_13_56_161; KRTBCOOKIE_80=16514-CAESEEmQbVnaaRUqitapW6ne_Q0&KRTB&22987-CAESEEmQbVnaaRUqitapW6ne_Q0&KRTB&23025-CAESEEmQbVnaaRUqitapW6ne_Q0; PugT=1617809860; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 07 Apr 2021 15:37:39 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-1912652238694062386; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:37:39 GMT; path=/ PugT=1617809859; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:37:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:37:39 GMT; path=/
X-lat: amspug015:0:526
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1912652238694062386
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D036 43 B
326 B 91ms
27ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31195565&p=159420&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 07 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1119
x-powered-by: ASP.NET
date: Wed, 07 Apr 2021 15:37:41 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mamjio4LS0auRhKxlutnWA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mamjio4LS0auRhKxlutnWA%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

28ms
28ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=19168
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 07 Apr 2021 20:57:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame E316 95 B
596 B 59ms
36ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=99A9A38A-8E0B-4B46-AE46-12B196EB6758
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 63c456b3befa2bce-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 094e94845500002bce80138000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame E316
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

43ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:39 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:39 GMT
frontend-id: 8
location: /pubmatic/1/info2?sType=sync&sExtCookieId=99A9A38A-8E0B-4B46-AE46-12B196EB6758&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame E316
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&addseg=19,36,42

7 B
147 B

96ms
28ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Wed, 07 Apr 2021 15:37:41 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99A9A38A-8E0B-4B46-AE46-12B196EB6758&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBOUEzOEEtOEUwQi00QjQ2LUFFNDYtMTJCMTk2RUI2NzU4&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBOUEzOEEtOEUwQi00QjQ2LUFFNDYtMTJCMTk2RUI2NzU4&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

56ms
27ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:40 GMT
X-lat: amspug018:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEmQbVnaaRUqitapW6ne_Q0&google_cver=1

42 B
855 B

28ms
28ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEmQbVnaaRUqitapW6ne_Q0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:40 GMT
X-lat: amspug004:0:370
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEmQbVnaaRUqitapW6ne_Q0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame E316 43 B
608 B 98ms
30ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 06 Apr 2021 15:37:41 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E316
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6826670581792278986

42 B
801 B

139ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6826670581792278986
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 15:37:41 GMT
X-lat: lhrpug002:0:597
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:41 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6826670581792278986
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C46A 284 B
932 B 116ms
31ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C46A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJ3yiTLAaKGQjDSzgr4fME&google_cver=1

42 B
689 B

115ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJ3yiTLAaKGQjDSzgr4fME&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJ3yiTLAaKGQjDSzgr4fME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C46A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/4g_NwqVBNe-7-Jyq4we5jcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7259209832825050341

42 B
689 B

112ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7259209832825050341
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Wed, 07 Apr 2021 15:37:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7259209832825050341
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C46A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7M7YXV-28-4FRN&sigv=1&esig=2~87d9d6f51e25065da22b995f4fac312ab53eafa0

0
445 B

22ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7M7YXV-28-4FRN&sigv=1&esig=2~87d9d6f51e25065da22b995f4fac312ab53eafa0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:37:42 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7M7YXV-28-4FRN&sigv=1&esig=2~87d9d6f51e25065da22b995f4fac312ab53eafa0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame C46A 0
0 99ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C46A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJlYTZjZTdkMGQ4ZTdhOGM5M2QzNDE2NjkxYmZkODMwNzZmNzgxOQ

170 B
190 B

41ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJlYTZjZTdkMGQ4ZTdhOGM5M2QzNDE2NjkxYmZkODMwNzZmNzgxOQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJlYTZjZTdkMGQ4ZTdhOGM5M2QzNDE2NjkxYmZkODMwNzZmNzgxOQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C46A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YG3RxgAAAICTgAUN
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YG3RxgAAAICTgAUN&_test=YG3RxgAAAICTgAUN

42 B
689 B

30ms
30ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YG3RxgAAAICTgAUN&_test=YG3RxgAAAICTgAUN
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617809863.734982,VS0,VE0
x-served-by: cache-hhn4045-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YG3RxgAAAICTgAUN&_test=YG3RxgAAAICTgAUN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C46A 70 B
264 B 50ms
48ms Image
image/gif 108.129.45.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.45.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-45-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C46A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TTdZWFYtMjgtNEZSTg==

170 B
190 B

38ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TTdZWFYtMjgtNEZSTg==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 15:37:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TTdZWFYtMjgtNEZSTg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame E316 0
587 B 142ms
36ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159420&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Wed, 07 Apr 2021 15:37:42 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184001

Domain: api.rlcdn.com
URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Domain: quantcount.com
URL: http://quantcount.com/log/error?msg=null

Domain: quantcount.com
URL: http://quantcount.com/log/error?msg=null

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D

Verdicts & Comments Add Verdict or Comment

418 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paltalk.com/	1970-01-19 19:33:05	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241617809854%3A64.56585965%3A%3A%3A50_0%2C49_0%3A1
.paltalk.com/	1970-01-23 08:59:29	Name: _vwo_uuid Value: D40D8788DB1271EDB7BD116A811B91012
.paltalk.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.paltalk.com/	1970-01-20 02:47:58	Name: __qca Value: P0-1703372353-1617809856018
.paltalk.com/	1970-01-19 17:23:31	Name: __utmb Value: 187186217.1.10.1617809856
.paltalk.com/	1970-01-19 18:06:41	Name: __cfduid Value: daa8dde57fa44107853369ca0df1c483e1617809854
.paltalk.com/	1969-12-31 23:59:59	Name: __utmc Value: 187186217
.paltalk.com/	1970-01-19 19:47:29	Name: _vis_opt_s Value: 1%7C
.paltalk.com/	1970-01-20 10:54:41	Name: __utma Value: 187186217.1133320645.1617809856.1617809856.1617809856.1
client.paltalk.com/	1970-01-20 02:45:13	Name: cto_bundle Value: ir4WUF9QWmhTVzNUeTdPNWlaJTJCY2Y3YkRzMnIxRDZ4S0RUdExvYnpEdTdZRWJoRkNFJTJGM3hTRm1YQlY2ZldmUkROM0RkMTl0cG9nM2pBTCUyRnkzZkViQ1RKNkNhTGljcGhGaFdjQ1hUY1I5YTg5SzB2c0VGMkpiRzNUNkJTa0lzVEZxd0Y0eg
.paltalk.com/	1970-01-20 02:09:05	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Apr+07+2021+17%3A37%3A36+GMT%2B0200+(Central+European+Summer+Time)&version=6.10.0&hosts=&consentId=304dba48-b122-4840-9214-8ae293dbda0e&interactionCount=0&landingPath=http%3A%2F%2Fclient.paltalk.com%2Fclient%2Fwebapp%2Fclient%2FExternal.wmt%3Furl%3Dhttp%253A%252F%252Fxtralinq.com&groups=C0001%3A1%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0%2CSTACK42%3A0
.paltalk.com/	1970-01-19 17:23:31	Name: _vwo_sn Value: 0%3A1
client.paltalk.com/	1970-01-20 02:45:13	Name: cto_bidid Value: zGgEg182SXhXYTVwZHlDaUxkTUkyNFdvdDdhajhlaEpBJTJCZzczJTJGRFg2RVc3Ym5Xd1JLMk5OSmtFaTJHM2dVVkZEOWNuZ2NrMG9jQmUlMkZtTUUlMkY1Z2pTYm14MURRJTNEJTNE
.paltalk.com/	1970-01-19 21:42:41	Name: _pubcid Value: 8e80e5fb-fd4c-48a2-b633-6d7b69644dcb
.paltalk.com/	1970-01-19 17:23:30	Name: __utmt Value: 1
client.paltalk.com/client	1969-12-31 23:59:59	Name: JSESSIONID Value: node01stow3i94m0tbdsxi5o13k4jy86182.node0
client.paltalk.com/	1970-01-19 17:33:34	Name: AWSALB Value: jURzZuBv4YDtIMI/uwi+h9hQ1bphsNdbodPUfyr62Qxr8KMWeFu4V7PgwJJjh5o66+wyeQRGVWronkIw3pJ5Wf9Kzk6xwH6wDG+TJ0z4/c/7hxjPDWiFaizXVuo3
client.paltalk.com/	1970-01-19 18:06:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.paltalk.com/	1970-01-19 21:46:17	Name: __utmz Value: 187186217.1617809856.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.client.paltalk.com/	1970-01-20 02:10:32	Name: _vwo_uuid_v2 Value: D40D8788DB1271EDB7BD116A811B91012\|8418e761be8c53349985402e35342fc7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/159420/2902/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://www.paltalk.com/responsive/js/pt-base.js?v=2972625251(Line 72) Message: smtlangu:client
console-api	log	URL: http://edge.quantserve.com/quant.js(Line 2) Message: ERROR Wed Apr 07 2021 17:37:36 GMT+0200 (Central European Summer Time) null
console-api	log	URL: http://edge.quantserve.com/quant.js(Line 2) Message: ERROR Wed Apr 07 2021 17:37:36 GMT+0200 (Central European Summer Time) null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ads.avct.cloud
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
bh.contextweb.com
brightcombid.marphezis.com
c.amazon-adsystem.com
c1.adform.net
cdn.cookielaw.org
cdn.districtm.io
cdn01.smartling.com
check.analytics.rlcdn.com
client.paltalk.com
cm.g.doubleclick.net
cookies.onetrust.mgr.consensu.org
cs.emxdgt.com
d5p.de17a.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dsp.bnmla.com
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geolocation.onetrust.com
gg.gg
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
obscenesidewalk.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
quantcount.com
rtb-csync.smartadserver.com
rules.quantcount.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
us-u.openx.net
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.palassets.com
www.paltalk.com
x.bidswitch.net
x.yieldlift.com
yourbow-d.openx.net
api.rlcdn.com
match.adsrvr.org
quantcount.com
sync.1rx.io
104.111.230.142
104.16.125.32
104.16.201.58
104.16.68.69
108.129.45.237
136.144.59.88
142.250.185.162
142.250.185.66
142.250.186.34
142.250.186.70
151.101.113.108
151.101.114.49
159.253.128.188
178.250.0.157
178.250.2.151
18.195.155.181
18.211.21.136
184.30.20.198
184.30.20.241
184.31.84.150
185.15.209.141
185.29.132.144
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.138.143
198.148.27.139
204.236.224.156
213.155.156.181
213.19.162.41
216.52.2.19
2600:9000:2093:ec00:6:44e3:f8c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b944
2606:4700:10::ac43:db6
2606:4700::6810:4036
2606:4700::6810:9540
2606:4700::6810:cc6c
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c0b::9d
2a02:2638::1c
3.127.88.255
34.228.125.100
34.96.102.137
34.98.64.218
35.156.19.236
35.190.91.111
35.201.96.126
35.244.174.68
37.157.6.253
38.27.122.36
52.222.179.53
52.85.32.122
54.194.211.3
54.220.102.114
67.202.110.32
69.173.144.139
69.173.144.165
77.243.60.138
04d722bb3478971c60277d1952a52bc72da00ee75e56d0b02707e816947da277
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08fed0adcc0983f5138ef86f105e4e57f57493d3da4d8337024a7f25cbfacb59
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10b73ad16cd524d6e5b81f5a4bc5542c98fb32d9d105a79298ece5ec19190d76
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
21837e4a7f42af6d935cac1ebf5bd2748faab9f1f38ef8a10dab5f8e608bbc13
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2617e2047beff3b41cb0a90815bbfe010584e05eeabdabc0264d3b0a9bb08cc8
2751954d53fdc886916f14b751fc85c4e246a3055b0d69c0aa03b0e93ed53a60
295aeade3d8e1ff891610d33487e6b07dd85c9bfa50b7a9bf8bad1386d3ce8a2
299968b14069d2be29992e13c73eeb57e5de1e7b275cb4ef536123507d855de9
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
2f61046e097d23f9c445ffbdb7cebae9e6d8bab5c8627a911473e4bfe3e3a809
3349aee223a61f75bba31ca123d694dda7a22d2cbf2887a0b4417dcfda314606
37d58ea1bb80f1085e3924206d3fd513f2efc4c6aba9b9f258602d777ec323e0
3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d69af8876700039c1ba7a45ff7c32fb7be447e8e3dac42ee20a934be93e4bba
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faa58f000c8912b721281935f5f834db7937db4b8521a642bb769544b2b140b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4224ab484df78e7350a91e48d2608fcf494bea8d0f30866d8d74e7dfa83c5dd0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f43fdb20eb8ab9c4b82b72f5466b66792ced60a4ce8059c328b449eb6994f8
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56835ac2753b2e0301d60e51917027396b06ae61cfbcb718f58c12d4a378e629
5a294e8efba0a3ea63b58d8146163b6a1e10e23e0049000e1231072dd4a87931
616e01de014d20a4509bc2d7bd59ff00c0c563d5971d23d36d63d963accc0615
6204bcefd4592f2b8dedecdd779ca27fc3e09b7fbb7aae5751edcfeaf305ef56
652bff8a8422c643c28e85c881610c09ce8a4dd9c3715654105bb985bdb447cc
67b97edae23057a78d0ac1f7de2a0a9477293488f1cf2697d1bcfc5a99e18425
67c947f69494f9ad4b2db1e2bb26acebca4d78b5c0edfcf81a4c6166ebd71257
6ab37e739d7c8a20025fc0a3a307a64531c4831004824695b7c848547c686264
6afdb4c99349e317ab25f9be5c0b6819b3910df88259f171bd36cf31c66d73c0
6e7f260d42f20a8c10a9164bf18e481cb86b19414a85c8ecfdfc356db67dc830
6f3e3a82eb9581544ef9139b9db92186ef0b4e9c2f0746ea4f917a1023b52448
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
781314fd695ede71d5e67b0442d8d6d97807bb99749644e95e8b4f376aa0cbe9
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2
823c9c6d72d1c800d2ca3927bf33aaddbf3070bf73b3b56bceca52ec8330de10
82a220a0c4c7054890ed84c5a578d9bc6a1ed370d6e191328272c47ab650b748
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87327faa5881d79639a7fb978d0d42a80f23ac91eece231d70a3ac0b75cd8ef9
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
8b725c00301e9f1abadb3ede25b0803d4baff120371fc951e9f1bb39496cb4d8
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90e61304cb686a145cd7776b9abbe88f0bbb94da60c1d4509827de722fb28c2d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
aba4f4ffed5951210a4bffe4f25c1fb5de0883fa4282384826aff7228e5d65fc
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225
c143a6c942faf2017d3e449c0f1684bbd16a1dd6a1352c296ae3c68ff7c667ab
c8f1d3a2953ab09cba55eccbfb7155eee5476dace4eb3ba4a8dc457de5104384
c9d0c39162d12685d96c068609f2b9bb24016afee5c24b3e1bac2b523e30e4e9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa26d78b006b59544426bea90993340b19b904804a00cff005ff21352a25835
cb883a5ea14f82786b9474b9ee90a74f44596ee08bc73fdbf89a38cfcb1b7c2c
cc650ed8a3dceaed44d7fdb62a78d21860469dd59d4009855677ba0c12b69ce1
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c284988ae9e662ebe397a61cefb85264195065f9cf467c133afa6c81b9d652
d1ea75aab2fec41d534c7e4b8f1959bc2c9cc1739a2f6d31eaecc31f401c13e6
d466418d4c7182eb70a73da834678c1c36ce029f68658c19abddedc305a2d0dc
d68404016d87510778a33fda4091e5574ce7bba6e5bc7e1b2c6b979004a6f145
dd9725994b7082e43e5bc686ccaac9891268bc5b1cc010d10db15116feaaf084
e2507b679c0012ad9e1d5311602fb16e61cf514231c37eeaeae8cce08df92a0f
e2e6e7ccfb926d127cc925263fc8b9058b49b5b9d966acd1e192bc2c24b87b35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea1e149e53984e636fc289ef15b23338537a33ba955c86b0e82e539fe1254a42
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1196a627110c45b515d57c91e5100d46af8f08e70b6658a0b125580192cae56
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
fe1065230b5e42f5af8905d804c90682a966a547fd7dc997023ae7a9414e6918

client.paltalk.com Open in urlscan Pro 104.16.125.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

87 %HTTPS

28 %IPv6

53 Domains

80 Subdomains

59 IPs

9 Countries

1064 kBTransfer

3165 kBSize

20 Cookies

45 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

client.paltalk.com Open in urlscan Pro
104.16.125.32 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

87 %
HTTPS

28 %
IPv6

53
Domains

80
Subdomains

59
IPs

9
Countries

1064 kB
Transfer

3165 kB
Size

20
Cookies

131 HTTP transactions
0 data transactions