gplinks.co Open in urlscan Pro
2606:4700:3031::681f:48fc Public Scan

URL: https://gplinks.in/payout-rates
Title: Publisher Rates

URL: https://www.youtube.com/channel/UC6sbLB-voyY-t2_6ixEYAAw
Title: Payment Proof

URL: https://gplinks.in/auth/signin
Title: Login

URL: https://gplinks.in/auth/signup
Title: Sign Up

URL: https://gplinks.in/pages/privacy
Title: Privacy Policy

URL: https://gplinks.in/pages/terms
Title: Terms of Use

URL: https://gplinks.in/pages/dmca
Title: DMCA

URL: https://facebook.com/gpmojo

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2Q8Zf8O HTTP 301
https://gplinks.co/GKoC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 64

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Request Chain 65

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 83

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=2128068444612194472&gdpr=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=3655635022418722052&gdpr=1&gdpr_consent=

Request Chain 88

https://loadus.exelator.com/load/?p=104&g=891&j=0&buid=acda44fa336c42ca9db72d2fa1e9daa1_nl HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 89

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253Da7149a00-37d9-4eb8-824a-af9fa54ce97b HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=2128068444612194472&pid=11528&ref=&hn_ver=10&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&google_gid=CAESELQ9izoeGyktqWA8M5--udU&google_cver=1

Request Chain 91

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&fck=18d9715b178f9977&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=1217d929e2df8c3c32a6f290d4ecceb7&fck=18d9715b178f9977

Request Chain 92

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FE861F89-0E66-49D4-AD31-792B201A446A&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

Request Chain 93

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa&dsp=BIDSWITCH

Request Chain 122

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=

Request Chain 126

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22a

Request Chain 127

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc90ad108-9c1d-4ee0-8008-44e0c9a8ab41&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&excid=218&query=taboola_hm%3Dc90ad108-9c1d-4ee0-8008-44e0c9a8ab41

Request Chain 129

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253Dc0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%2525253D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253Dc0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%2525253D&mm_bnc&mm_bct&UUID=1f9b5e6a-9e31-4800-8512-cef9d58c15e0 HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=1f9b5e6a-9e31-4800-8512-cef9d58c15e0&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Dc0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%3D

Request Chain 130

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=58fa5e6a-9e2f-4100-a3de-ad648c0492c4

Request Chain 131

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qaArM8OsOkl8&ev=1&pid=562107

Request Chain 132

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6qnrOZWyb8ApttUZoAIe&pi=taboola&tc=1

Request Chain 133

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBbW2OgNIZKbQ-L-IiurvJ4&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472

Request Chain 136

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef45c52c-253f-4d81-b325-cab4e53e2a6f

Request Chain 137

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=669c4533-84cf-48c9-8c2e-0f40f3d22d27-tuct56423b0 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 140

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=5c8aec74-f27f-4f58-8890-9444de3c0884&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa

Request Chain 144

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22b

Request Chain 145

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090

Request Chain 147

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253DHVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%2525253D HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=1f9b5e6a-9e31-4800-8512-cef9d58c15e0&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DHVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D

Request Chain 148

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=3fa15e6a-9e31-4400-bc2a-b2534f915e3b HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=3fa15e6a-9e31-4400-bc2a-b2534f915e3b

Request Chain 149

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gWTO7I825afF&ev=1&pid=562107

Request Chain 150

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola&tc=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1

Request Chain 154

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc3612ec-4310-42db-bbc9-b2a1900f0f86

Request Chain 156

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819618501349458&expires=30&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=c3b0fef8-0d58-4a9f-91c9-d96210524ec3

Request Chain 158

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 163

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf21n

Request Chain 164

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090

Request Chain 166

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D

Request Chain 167

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=1f9b5e6a-9e31-4800-8512-cef9d58c15e0

Request Chain 168

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=J3fqjAazYhs6&ev=1&pid=562107

Request Chain 169

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1

Request Chain 173

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc3612ec-4310-42db-bbc9-b2a1900f0f86

Request Chain 175

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=e2c2bdb8-9f22-4ede-89bf-d37606479066&expires=10&ssp=taboola&bsw_param=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=340&user_id=e2c2bdb8-9f22-4ede-89bf-d37606479066&expires=10&ssp=taboola&bsw_param=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=c3b0fef8-0d58-4a9f-91c9-d96210524ec3

Request Chain 177

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=8855c616-739f-4f78-9371-3f7deb3c6aa0-tuct56423b0 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NTqnjkK8RtKkC4NeWfA91g&google_cm&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEJuQN-mgmQJFI2dMDcQEWUE&google_cver=1 HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEJuQN-mgmQJFI2dMDcQEWUE&google_cver=1

Request Chain 192

https://id5-sync.com/match?publisher_user_id=353aa78e-42bc-46d2-a40b-835e59f03dd6&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://id5-sync.com/c/124/124/1/1.gif?puid=353aa78e-42bc-46d2-a40b-835e59f03dd6&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://id5-sync.com/c/124/101/0/2.gif?puid=1d664abf-14cd-4f24-821c-ba00e12c499a&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOSN4_p_eIhodm084q7r7N2Vdumd5GUspYwpDgFA&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA

Request Chain 193

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ice.360yield.com/match?external_user_id=8691296977222761242&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ice.360yield.com/ul_cb/match?external_user_id=8691296977222761242&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA

Request Chain 194

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=353aa78e-42bc-46d2-a40b-835e59f03dd6&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585255219&external_user_id=3655635022418722052

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwIQfQCLAAAENDA-AAAAujAAA&external_user_id=CAESEFtxqMDhh_Zyp2378pzV6mg&google_cver=1

203 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request GKoC Show response
gplinks.co/
Redirect Chain

https://bit.ly/2Q8Zf8O
https://gplinks.co/GKoC

65 KB
20 KB

541ms
516ms

Document
text/html

2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62648a8a9ff9f0543c64891e28f7d867ba4478974d285fcf591ea0634fa4d78c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gplinks.co
:scheme: https
:path: /GKoC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 12 Mar 2020 20:40:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dad16e6bd15cff02392d84c7b9b5f37b41584045614; expires=Sat, 11-Apr-20 20:40:14 GMT; path=/; domain=.gplinks.co; HttpOnly; SameSite=Lax; Secure AppSession=cc8ade958b946a572730c174a7ef0cc7; path=/; HttpOnly; secure csrfToken=6881a8c97b4d83225b4f41ab0f486fb3bcfa216ac5891311688d149768b8d422532feb1226cd155044e8625ff1eb7c8b240a321a3a3d5fb9c43564cb83ef61a6; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 573054445974c27c-FRA
content-encoding: br

Redirect headers

status: 301
server: nginx
date: Thu, 12 Mar 2020 20:40:14 GMT
content-type: text/html; charset=utf-8
content-length: 110
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://gplinks.co/GKoC
referrer-policy: unsafe-url
set-cookie: _bit=k2ckEe-19ac681ae57dddba70-00I; Domain=bit.ly; Expires=Tue, 08 Sep 2020 20:40:14 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 css
fonts.googleapis.com/ 7 KB
891 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95f365b3ee62f2ca2655a64df8afa9c859c90876c4572a640b341f9d10c497d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 styles.min.css
gplinks.co/modern_theme/build/css/ 187 KB
31 KB 18ms
17ms Stylesheet
text/css 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/modern_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 785229
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 573054483dadc27c-FRA
expires: Thu, 02 Apr 2020 18:33:05 GMT

GET
H2 200 newlogo.png
gplinks.in/img/ 32 KB
32 KB 53ms
30ms Image
image/png 2606:4700:20::681a:b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/img/newlogo.png

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cef9cc9701b38bfc148abc105f3c354c13728a7e7e450ee33880905b7f500e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 342956
cf-polished: pngoptimizer, origSize=37009, status=vary_header_present
status: 200
strict-transport-security: max-age=15552000; preload
content-length: 32521
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Sep 2019 14:17:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
cf-bgj: imgq:85
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 573054485e0ed6f5-FRA
expires: Mon, 08 Mar 2021 21:24:19 GMT

GET
H2 200 ads.js Show response
gplinks.co/js/ 190 B
335 B 12ms
12ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/js/ads.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 401160
cf-polished: origSize=191
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 573054483db1c27c-FRA
expires: Tue, 07 Apr 2020 05:14:15 GMT

GET
H2 200 sw.js Show response
gplinks.co/ 90 KB
32 KB 17ms
17ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/sw.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf9584c9347aabc3c8f00cc6df11cc7a3c5d7e4774ce80a1db0fca4614e325b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 785229
cf-polished: origSize=92313
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Sep 2019 14:16:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 573054483db6c27c-FRA
expires: Thu, 02 Apr 2020 18:33:05 GMT

GET
H2 200 index.html Show response
gplinks.co/advertising/campaign-20/ Frame C5E1 9 KB
2 KB 456ms
456ms Document
text/html 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-20/index.html

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8975941fe26f05f7efc7ae4c352e67485efd828cad7195316e897b62e81651cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gplinks.co
:scheme: https
:path: /advertising/campaign-20/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://gplinks.co/GKoC
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dad16e6bd15cff02392d84c7b9b5f37b41584045614; AppSession=cc8ade958b946a572730c174a7ef0cc7; csrfToken=6881a8c97b4d83225b4f41ab0f486fb3bcfa216ac5891311688d149768b8d422532feb1226cd155044e8625ff1eb7c8b240a321a3a3d5fb9c43564cb83ef61a6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

status: 200
date: Thu, 12 Mar 2020 20:40:15 GMT
content-type: text/html
last-modified: Sun, 08 Mar 2020 21:13:50 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 573054484dbdc27c-FRA
content-encoding: br

GET
H2 200 index.html Show response
gplinks.co/advertising/campaign-18/ Frame 80F0 8 KB
3 KB 471ms
470ms Document
text/html 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-18/index.html

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60c9385234e2f3f17ec35f439978ebf9b7a4a4ef1605d736206b369398f2e22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gplinks.co
:scheme: https
:path: /advertising/campaign-18/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://gplinks.co/GKoC
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dad16e6bd15cff02392d84c7b9b5f37b41584045614; AppSession=cc8ade958b946a572730c174a7ef0cc7; csrfToken=6881a8c97b4d83225b4f41ab0f486fb3bcfa216ac5891311688d149768b8d422532feb1226cd155044e8625ff1eb7c8b240a321a3a3d5fb9c43564cb83ef61a6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

status: 200
date: Thu, 12 Mar 2020 20:40:15 GMT
content-type: text/html
last-modified: Sun, 08 Mar 2020 20:32:22 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 573054484dcdc27c-FRA
content-encoding: br

GET
H2 200 index.html Show response
gplinks.co/advertising/campaign-15/ Frame 6A0D 12 KB
3 KB 458ms
458ms Document
text/html 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-15/index.html

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1beb285bf80f4e9f0ef4af81624f22eb95f813b5e201e17f2c89e7b366c146f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gplinks.co
:scheme: https
:path: /advertising/campaign-15/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://gplinks.co/GKoC
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dad16e6bd15cff02392d84c7b9b5f37b41584045614; AppSession=cc8ade958b946a572730c174a7ef0cc7; csrfToken=6881a8c97b4d83225b4f41ab0f486fb3bcfa216ac5891311688d149768b8d422532feb1226cd155044e8625ff1eb7c8b240a321a3a3d5fb9c43564cb83ef61a6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

status: 200
date: Thu, 12 Mar 2020 20:40:15 GMT
content-type: text/html
last-modified: Fri, 07 Feb 2020 19:07:32 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 573054484dd1c27c-FRA
content-encoding: br

GET
H2 200 home.jpg
gplinks.in/img/ 58 KB
58 KB 50ms
33ms Image
image/jpeg 2606:4700:20::681a:b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/img/home.jpg

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae81166c709f946daf618f2c189f988979e7b096a7627dda37d5dd3763a4124

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2858140
cf-polished: degrade=85, origSize=62768, status=vary_header_present
status: 200
strict-transport-security: max-age=15552000; preload
content-length: 59419
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2019 04:28:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
cf-bgj: imgq:85
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 573054485e12d6f5-FRA
expires: Sun, 07 Feb 2021 18:44:35 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5730544848fd1f19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 14 Mar 2020 20:40:15 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v20/ 24 KB
24 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v20/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 00:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 23:41:33 GMT
server: sffe
age: 3182377
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 24884
x-xss-protection: 0
expires: Thu, 04 Feb 2021 00:40:38 GMT

GET
H2 200 footer.jpg
gplinks.co/modern_theme/build/img/ 13 KB
13 KB 23ms
23ms Image
image/jpeg 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.co/modern_theme/build/img/footer.jpg

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 785228
status: 200
content-length: 13309
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 573054488e8bc27c-FRA
expires: Wed, 03 Mar 2021 18:33:07 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 01:03:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 675400
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Fri, 05 Mar 2021 01:03:35 GMT

GET
H2 200 fontawesome-webfont.woff2
gplinks.co/modern_theme/build/fonts/ 75 KB
76 KB 13ms
12ms Font
font/woff2 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/modern_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/modern_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 180423
status: 200
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 573054488e97c27c-FRA
expires: Tue, 17 Mar 2020 18:33:12 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:11:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 577729
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:11:26 GMT

GET
H/1.1 200
OK 3105231 Show response
inpagepush.com/400/ 45 KB
16 KB 84ms
19ms Script
application/javascript 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3105231

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

b6723a5bad0568747057b27bbc0b5572197e5ac3f1bf45d246b42a3bad7d2f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Trace-Id: c76187c6e47839a338fda156395ac5ce
Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
862 B 32ms
17ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9420d44bc9cfeead687ff3e16166162c4abe5a80cf804c0ee9fea3b6ae1a813

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 472
x-xss-protection: 1; mode=block
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 script.min.js Show response
gplinks.co/modern_theme/build/js/ 202 KB
57 KB 17ms
15ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/modern_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 785228
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 57305448df51c27c-FRA
expires: Thu, 02 Apr 2020 18:33:07 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 64 KB
10 KB 64ms
30ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: b0fd810fe0c9ee53e10be7106212f10b4efb5e00a8ef04ceb8d3f08bbc4dde25

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9877
expires: Fri, 13 Mar 2020 20:40:15 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 58ms
25ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Fri, 13 Mar 2020 20:39:31 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 64 KB
10 KB 66ms
33ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: c3348f4c68d2e2d3c3a34abe1b4bc9983c802749a713989906dca3588ff90afd

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 13 Mar 2020 20:40:15 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 59ms
25ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Fri, 13 Mar 2020 20:39:34 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 64 KB
10 KB 73ms
40ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 21caf3de181a96809fbec689698344798aae1dc412cc5a72e1d1450f72bde5bf

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 13 Mar 2020 20:40:15 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 60ms
26ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Fri, 13 Mar 2020 20:39:20 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 61 KB
9 KB 70ms
36ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 43945d6df2de87e4f520fd2285b90d102208f2c0e1144438fde7377d680428d3

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 13 Mar 2020 20:40:15 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 62ms
29ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Fri, 13 Mar 2020 20:39:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134987322-3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63bf1ed6c9758b5a6910c7c2bb174ef37adbac6c06892f6c04f63a4e7d2faef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28540
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 18:08:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame C5E1 12 KB
4 KB 8ms
7ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-20/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gplinks.co/advertising/campaign-20/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5730544b19b01f19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 14 Mar 2020 20:40:15 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 6A0D 12 KB
4 KB 7ms
7ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-15/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gplinks.co/advertising/campaign-15/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5730544b29c81f19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 14 Mar 2020 20:40:15 GMT

GET
H2 200 c3cbc0e09dc65297de69b7fd5631d3d0.js Show response
gplinks.co/advertising/campaign-20/ Frame C5E1 57 KB
15 KB 15ms
15ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-20/c3cbc0e09dc65297de69b7fd5631d3d0.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785c9e2c6b175d145bf31b0c3e1d92781faa16a761653329a49d5956a0b82fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/advertising/campaign-20/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 180628
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Sun, 08 Mar 2020 21:13:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5730544b2de9c27c-FRA
expires: Thu, 09 Apr 2020 18:29:46 GMT

GET
H2 200 EmbedCanvas.js Show response
gplinks.co/advertising/campaign-15/js/ Frame 6A0D 80 KB
21 KB 16ms
15ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-15/js/EmbedCanvas.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc8aa547f821273d8ffe7bbfbf1deefbaa51e0776c47098228bb0cf8e93517d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/advertising/campaign-15/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 785229
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Feb 2020 19:07:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5730544b3df8c27c-FRA
expires: Thu, 02 Apr 2020 18:33:06 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 80F0 12 KB
4 KB 7ms
7ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-18/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gplinks.co/advertising/campaign-18/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5730544b39f01f19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 14 Mar 2020 20:40:15 GMT

GET
H2 200 f37c272ce0ed6a38189db6557f2990f5.js Show response
gplinks.co/advertising/campaign-18/ Frame 80F0 60 KB
15 KB 17ms
16ms Script
application/javascript 2606:4700:3031::681f:48fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gplinks.co/advertising/campaign-18/f37c272ce0ed6a38189db6557f2990f5.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:48fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3689927dcf93352772e9884a1f2bfad7717ad4575dca1f60d4f07a20f72367a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gplinks.co/advertising/campaign-18/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 180628
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Sun, 08 Mar 2020 20:32:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5730544b4e38c27c-FRA
expires: Thu, 09 Apr 2020 18:29:47 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 118ms
29ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:15 GMT
Server: nginx
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 16ms
14ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Fri, 13 Mar 2020 20:39:18 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 17ms
15ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Fri, 13 Mar 2020 20:40:01 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 58ms
20ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 107ms
23ms Script
application/javascript 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1083b
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 04:05:18 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 2133298
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: nvbbij9eBxQOklPDMuksUc59ppBm1dvEbpqihKBtYKqBAOXjKXs0iA==

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

61ms
14ms

Script
application/x-javascript

68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: 0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2020 10:13:07 GMT
server: ECS (amb/6BC2)
age: 37570
x-n: S
etag: "0f11d3e54b5ff26b5828eaa172f1ef2a:1580119987"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8149

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Thu, 12 Mar 2020 20:40:15 GMT
Cache-Control: private
Content-Length: 159
Content-Type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
329 B 308ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 107ms
24ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:15 GMT
Last-Modified: Tue, 27 Nov 2018 14:13:54 GMT
Server: nginx/1.14.2
ETag: "5bfd5122-a72"
X-IPLB-Instance: 29923
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame 7E18 0
0 84ms
24ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1584045615891

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1584045615891
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://gplinks.co/GKoC
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=IYvVp0-fXSlkxC50gJ-ZA8aD6IG3cAyl42vpJ6KFhro; path=/; expires=Sat, 12 Mar 2022 20:40:15; domain=onetag-sys.com; SameSite=None; Secure;
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame D0CB 0
0 55ms
38ms Document
text/html 2606:4700:10::6814:8338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://gplinks.co/GKoC
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

status: 200
date: Thu, 12 Mar 2020 20:40:15 GMT
content-type: text/html
set-cookie: __cfduid=d2e1ef20c0e36259286be9f2f93bccbd21584045615; expires=Sat, 11-Apr-20 20:40:15 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=bd150540-1f9e-4eb5-40ba-148b2cf6bce1; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=bd150540-1f9e-4eb5-40ba-148b2cf6bce1; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%C1q3E%CC%B8%B8%97%C9%90%25%ED9%E5%E4%C5%B8F%24%B5%89%DE%81%01%FCG%FA%96%DE%281I%3F%00%B8%A1l8T%2FQ%EE%9F%7B%C4%26%D2%23%FF%CFX%23%DA%02m%2FF%C7%E0%21%80%C6D%82%B1%C5%1B%8A%F4%BF%FE%CA%11%C4%C3%D6tMu%16s%8B%EC%E5%9E%07%BC%EF%0C; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5730544b7bdc6467-FRA
content-encoding: br

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 118ms
24ms Script
application/x-javascript 91.228.74.143
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.143 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12-Mar-2020 20:40:15 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Thu, 19 Mar 2020 20:40:15 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 109ms
24ms Script
text/javascript 13.225.84.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-175.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 08:10:07 GMT
Via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 46926
X-Cache: Hit from cloudfront
Content-Type: text/javascript
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: vTYtQ2lm4el_zUqAsibzXLpAjw6HrBPrmc6sp_N8F7aoR7wuk5J7hQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 0
454 B 95ms
37ms Script
text/javascript 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Mar 2020 20:20:27 GMT
Server: Apache
ETag: "905079-0-5a0ae1570271a"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2592
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 20
Expires: Thu, 12 Mar 2020 21:23:27 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 407 KB
408 KB 15ms
15ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:15 GMT
last-modified: Fri, 06 Mar 2020 16:16:02 GMT
server: nginx
etag: "45703-65b8f-5a031f84724e8"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 416655
expires: Fri, 13 Mar 2020 20:39:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134987322-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 404
date: Thu, 12 Mar 2020 20:33:31 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 12 Mar 2020 22:33:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C5E1 2 KB
591 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-20/c3cbc0e09dc65297de69b7fd5631d3d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1773a3a7cfc2a4792cb0aad6c1325b2c7dec90fa17a66f6cf134701665427aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/advertising/campaign-20/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A0D 719 B
439 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Viga:400

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-15/js/EmbedCanvas.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a474f83caa7be457d257e5b5981d0070a48dd30860c5797512d1c3b7824c6037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/advertising/campaign-15/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A0D 1 KB
565 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-15/js/EmbedCanvas.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

319cefeabf259c1ca6d581fdca1acff5501cc03e3996e59a7f5ffbe44317b9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/advertising/campaign-15/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A0D 1 KB
522 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-15/js/EmbedCanvas.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5786169e3d27d20fcd9a5dd1b55cb206b80ae8b70b26166b5ec006c795803b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/advertising/campaign-15/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 80F0 767 B
446 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: gplinks.co
URL: https://gplinks.co/advertising/campaign-18/f37c272ce0ed6a38189db6557f2990f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731f0eeb9aa444016a32f16bed3c3810d62053124773ed74d2cf726a6d174f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/advertising/campaign-18/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 20:40:15 GMT
server: ESF
date: Thu, 12 Mar 2020 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Mar 2020 20:40:15 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 22ms
21ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2014874026&t=pageview&_s=1&dl=https%3A%2F%2Fgplinks.co%2FGKoC&ul=en-us&de=UTF-8&dt=GPlinks&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1483977166&gjid=330642024&cid=1680438065.1584045616&tid=UA-134987322-3&_gid=1233117366.1584045616&_r=1&gtm=2ou340&z=1547650982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 80F0 304 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9b48d22c17ac38f8e1293986a3f0538d349721eea4c7af439755aa41f67e499

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
710 B 47ms
28ms Script
application/javascript 2606:4700:e4::ac40:ae0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ae0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Mar 2020 11:11:59 GMT
server: cloudflare
age: 934
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1800
cf-ray: 5730544bfe8f16ee-FRA
x-amz-request-id: 0523613C472695FA
x-amz-id-2: vuXjt3ItoC/oV4lnH/mCnEcwEdQgqccYER2YAfXC8GMJ1cfwkCVldUrXEZztaTEtVZiMoGdmqpc=

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 75 B
270 B 76ms
14ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=11&formatid=video&size=desktop&country=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
server: nginx
x-powered-by: PHP/5.4.45
status: 200
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 75
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 626 B
658 B 77ms
15ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: f5bf578dec8786e01cc4b2ee52baaee73140dacfbf83350fb8adb6c7769d0158

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 427
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 627 B
660 B 77ms
15ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=19&formatid=26711&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 41d3eb666b460d6ca0dd1a1816b261b83e2727fa381ce1e5658b3bd85089965e

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 429
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 624 B
659 B 78ms
16ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 09296de6022446f075b3c6296d2150ab24199838d6078ff541008a818d20d3be

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 428
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 77ms
16ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 3ee290be9f719cdb4ebc1abf0725ac88e93111c8d3b9d88c591f28321ae4147a

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
661 B 76ms
15ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=3&formatid=26323&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fec6cdbada666b46b5bb7c3d15180d906b4d48c9562c58cee07315450e8281cf

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 430
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 633 B
669 B 77ms
17ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=20&formatid=26706&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: f919c528998c8c5f3ef179ef36fb31b538565d5fee60f7c1facb46729fb4c9ec

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 438
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
661 B 78ms
17ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=55814&adid=31&formatid=39287&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: ba53fcf007fe8b3663a6134b33bc11a10c45e810ea34c1a0eead187c15bdd56a

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 430
expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgpli...

0
-1 B

82ms
22ms

XHR
text/plain

52.29.14.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
access-control-allow-origin: https://gplinks.co
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://gplinks.co
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgpli...

0
-1 B

82ms
22ms

XHR
text/plain

52.29.14.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
access-control-allow-origin: https://gplinks.co
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://gplinks.co
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
607 B 51ms
51ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://gplinks.co
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 21ms
21ms XHR
application/json 185.33.223.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:18 GMT
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: ddfe7c63-2f70-4e58-8797-e9581a92cc66
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gplinks.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v31/ Frame C5E1 13 KB
13 KB 6ms
6ms Font
font/woff 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db38bbd1d1cdf5e5c1ea2d81bfa277fbfa0c39282998ca43999174f7e1292c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Oswald:700
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Mar 2020 00:56:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:38 GMT
server: sffe
age: 848639
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13072
x-xss-protection: 0
expires: Wed, 03 Mar 2021 00:56:17 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ Frame 80F0 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:900
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 185962
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13732
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:54 GMT

GET
H2 200 xMQbuFFdSaiXzQUpDqW1KX4.woff2
fonts.gstatic.com/s/viga/v8/ Frame 6A0D 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/viga/v8/xMQbuFFdSaiXzQUpDqW1KX4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940ad048612546897bd84bcdb974a056f65b7ebc5866299aa1101dc46391d7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Viga:400
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 22:07:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:13 GMT
server: sffe
age: 685968
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8272
x-xss-protection: 0
expires: Thu, 04 Mar 2021 22:07:28 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qC0s.woff
fonts.gstatic.com/s/playfairdisplay/v20/ Frame 6A0D 21 KB
22 KB 8ms
8ms Font
font/woff 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v20/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qC0s.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9234efa010bcf6b0cd969e97c992df0d6f5b1bed67e32d2ac97c974c740882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Playfair+Display:400
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 22:09:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 22:41:39 GMT
server: sffe
age: 167475
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 21984
x-xss-protection: 0
expires: Wed, 10 Mar 2021 22:09:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ Frame 6A0D 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:600
Origin: https://gplinks.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:21:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1451898
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:21:58 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame B1E4 0
0 29ms
23ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://gplinks.co/GKoC
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

Server: nginx/1.14.2
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 29923

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 154ms
37ms Script
application/javascript 54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1083b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

32d2d58e9722a8e7ff8489865f969a49b48fc3b43652caec52f7fb093052da52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 12 Mar 2020 20:40:16 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Fri, 14 Feb 2020 09:45:12 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
966 B 22ms
6ms Script
application/x-javascript 2600:9000:2156:3c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:14:21 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 1562
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ivr8lojbPH4Y-o-rr5N9kLgqr1se8u4iFRfrRcKwNl5P_SD-2w3W_w==
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK apu.php Show response
shorteh.com/ 3 KB
2 KB 100ms
17ms XHR
application/json 188.72.202.17
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/apu.php?zoneid=3064019&oo=1

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.17 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

305db6a481763bfb04ace526f17fc7307439762089d6d3fea6bbe0f27a1ef3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 42f78e3d7c78646325ec0cedea44f988
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
shorteh.com/ 90 KB
29 KB 96ms
27ms Script
application/javascript 188.72.202.17
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/tag.min.js

Requested by

Host: gplinks.co
URL: https://gplinks.co/GKoC

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.17 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

22e6a49646b91c50125eaf91d41de7929b952222e9e76071060bd9867b73ec55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 28520
X-Trace-Id: 4cf88c73b7e2c8318794b4aaa826d8b3
Pragma: no-cache
Last-Modified: Fri, 06 Mar 2020 09:48:14 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 14 KB
5 KB 155ms
155ms XHR
application/json 52.29.14.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2239a58a3f8d9da3d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211d04fccd60ab72%22%2C%22pid%22%3A%2222217566%22%2C%22tid%22%3A%22e2e61959-9647-45e2-874c-8e5054332fe3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%2212f857ec5d0440d%22%2C%22pid%22%3A%2222217567%22%2C%22tid%22%3A%22cc00153a-2cac-4028-b84a-b89b69b70300%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22136d609c8af1506%22%2C%22pid%22%3A%2222217559%22%2C%22tid%22%3A%2256479590-d4bd-4868-ab2f-4710b0b8f362%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2214bcb234530a1c%22%2C%22pid%22%3A%2222217558%22%2C%22tid%22%3A%22817223b3-b31d-458d-9b70-5c5cf028d3cc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22157625674fef4ea%22%2C%22pid%22%3A%2222217557%22%2C%22tid%22%3A%2269500ed6-8511-4e59-b4d7-41c4c427564c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 52beb8be8936d80899044d1b1a1995f3be087857ef34e7c07380e7805be8db3d

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://gplinks.co
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 5237

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 10 KB
4 KB 55ms
55ms XHR
application/json 52.29.14.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22403d1df38aa25c1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2255814%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166fc6e14aa3ae%22%2C%22pid%22%3A%2222217556%22%2C%22tid%22%3A%2223fdd13a-f719-4fa1-aebe-bb153c0c79b8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2217bdf65d482baf4%22%2C%22pid%22%3A%2222217555%22%2C%22tid%22%3A%22a33f6553-1791-435b-a785-c1ab4187adcc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22187c1fd35c5e0cd%22%2C%22pid%22%3A%2222219964%22%2C%22tid%22%3A%22cc0f0b16-5679-48b0-b473-5d9c702fca06%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22199c02fabbd6288%22%2C%22pid%22%3A%2222238876%22%2C%22tid%22%3A%2205285aa2-26ca-4674-bb03-2050831766d8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6931dfb9c10796bb167cfc7d99745252866fc3fb95fdc70bff2fc99a776946cf

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://gplinks.co
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 3956

GET
H2 200 adagio.js Show response
script.4dex.io/ 60 KB
18 KB 56ms
40ms Fetch
application/javascript 2606:4700:e4::ac40:ae0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ae0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc36a5dabe23d6973e196b1f70629c2e25646d55847c07e889ec2938205add2

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1224
status: 200
x-amz-request-id: 40918A8B65257EDA
x-amz-id-2: vgyAlNQ0sDjh7FG+lbGtUMIdMOcvhGOy5xDxhvnr5WwQvO7Dx93dmdPK0LiHoiGhxlJ5Rz8mMp8=
last-modified: Mon, 09 Mar 2020 11:11:38 GMT
server: cloudflare
etag: W/"02788774e36642fcb0bbfe63327d3df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 5730544cb97dc2bd-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 23:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1459220
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Feb 2021 23:19:56 GMT

GET
H/1.1 200
OK script-appender.js Show response
client.trackpush.com/ 1 KB
1 KB 714ms
335ms Script
application/x-javascript 157.230.253.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://client.trackpush.com/script-appender.js
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.230.253.19 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 443fdb85494dd16e1597fc503f2b0ce2db700b21ec0c2f7dfaa0efc9885030bc

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Last-Modified: Fri, 22 Nov 2019 03:38:28 GMT
Server: nginx
ETag: "5dd75834-476"
Content-Type: application/x-javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1142
Expires: Thu, 12 Mar 2020 20:50:16 GMT

GET
H/1.1

200

3.gif
id5-sync.com/c/12/10/7/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/2/8/2.gif?puid=2128068444612194472&gdpr=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/10/7/3.gif?puid=3655635022418722052&gdpr=1&gdpr_consent=

43 B
1 KB

21ms
21ms

Image
image/gif

5.39.67.10
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/12/10/7/3.gif?puid=3655635022418722052&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.39.67.10 , France, ASN16276 (OVH, FR),

Reverse DNS

s06.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:17 GMT
server: nginx
access-control-allow-origin: *
location: https://id5-sync.com/c/12/10/7/3.gif?puid=3655635022418722052&gdpr=1&gdpr_consent=
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
expires: -1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/ 259 KB
93 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6150a376fda97ab4e1a31767faf4da7b0f5a4aa5a17750a4765d5fdad60e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 17:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Mar 2020 04:07:29 GMT
server: sffe
age: 271747
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94728
x-xss-protection: 0
expires: Tue, 09 Mar 2021 17:11:09 GMT

GET
H/1.1 200
OK pixel;r=1778111153;labels=Categories.business%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fgplinks.co%2FGKo...
pixel.quantserve.com/ 35 B
658 B 87ms
23ms Image
image/gif 91.228.74.203
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1778111153;labels=Categories.business%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fgplinks.co%2FGKoC;fpan=1;fpa=P0-429913510-1584045616130;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1584045616130;tzo=-60;ogl=image.

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.203 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
521 B 129ms
34ms XHR
application/x-javascript 54.246.118.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Mar 2020 20:40:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://gplinks.co
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
shorteh.com/ Frame BADB 0
0 14ms
14ms Document
text/html 188.72.202.17
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/fac.php

Requested by

Host: shorteh.com
URL: https://shorteh.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.17 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: shorteh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://gplinks.co/GKoC
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://gplinks.co/GKoC

Response headers

Server: nginx
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 44b0edd53f0210fecc484e48f2add4c4
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://loadus.exelator.com/load/?p=104&g=891&j=0&buid=acda44fa336c42ca9db72d2fa1e9daa1_nl
https://load77.exelator.com/pixel.gif

43 B
273 B

7139ms
34ms

Image
image/gif

195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-195-181-175-46.datapacket.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:23 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
x-cache: HIT
content-type: image/gif
status: 200
x-edge-ip: 195.181.175.44
x-age: 206297
accept-ranges: bytes
content-length: 43

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
location: https://load77.exelator.com/pixel.gif
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 302
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253Da7149a00-37d9-4eb8-8...
https://s.cpx.to/an_fire?app_nexus_uid=2128068444612194472&pid=11528&ref=&hn_ver=10&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

95 B
865 B

40ms
36ms

Image
image/png

54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=2128068444612194472&pid=11528&ref=&hn_ver=10&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 12 Mar 2020 20:40:16 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 12 Mar 2020 20:40:16 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:18 GMT
AN-X-Request-Uuid: 0700361f-af48-4cd6-b317-17ee8a5c59b1
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=2128068444612194472&pid=11528&ref=&hn_ver=10&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b
https://s.cpx.to/ca.png?dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&google_gid=CAESELQ9izoeGyktqWA8M5--udU&google_cver=1

95 B
804 B

35ms
34ms

Image
image/png

54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&google_gid=CAESELQ9izoeGyktqWA8M5--udU&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Thu, 12 Mar 2020 20:40:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:16 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&google_gid=CAESELQ9izoeGyktqWA8M5--udU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b&fck=18d9715b178f9977&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=1217d929e2df8c3c32a6f290d4ecceb7&fck=18d9715b178f9977

95 B
708 B

33ms
32ms

Image
image/png

54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=1217d929e2df8c3c32a6f290d4ecceb7&fck=18d9715b178f9977

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 12 Mar 2020 20:40:16 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 12 Mar 2020 20:40:16 GMT

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer2-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync4-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=1217d929e2df8c3c32a6f290d4ecceb7&fck=18d9715b178f9977
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 5730544d9d9e9c39-AMS
expires: 0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da7149a00-37d9-4eb8-824a-af9fa54ce97b
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FE861F89-0E66-49D4-AD31-792B201A446A&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

95 B
881 B

33ms
33ms

Image
image/png

54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FE861F89-0E66-49D4-AD31-792B201A446A&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 12 Mar 2020 20:40:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 12 Mar 2020 20:40:19 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FE861F89-0E66-49D4-AD31-792B201A446A&fid=a7149a00-37d9-4eb8-824a-af9fa54ce97b
Date: Thu, 12 Mar 2020 20:40:19 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 447
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa&dsp=BIDSWITCH

95 B
882 B

37ms
36ms

Image
image/png

54.229.234.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa&dsp=BIDSWITCH

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.234.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 12 Mar 2020 20:40:23 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 12 Mar 2020 20:40:23 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa&dsp=BIDSWITCH
Date: Thu, 12 Mar 2020 20:40:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 36ms
35ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=340301&pgid=1190984&fmtid=26300&async=1&visit=m&tmstp=1483820403&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgplinks.co%2FGKoC&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b8%3b133
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 4149ms
1044ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=55814&f=2&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Mar 2020 20:40:20 GMT
Server: nginx
X-IPLB-Instance: 20685
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 71ms
36ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=340301&pgid=1190984&fmtid=26322&async=1&visit=s&tmstp=1483820403&tag=sas_26322&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgplinks.co%2FGKoC&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7d1e21f8edaeae8919082e33c1936ab06fda5ce438d16f3fe9c7a3666d01a61b

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b23%3b81
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 4202ms
53ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=55814&f=1&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Mar 2020 20:40:20 GMT
Server: nginx
X-IPLB-Instance: 20685
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 82ms
32ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=340301&pgid=1190984&fmtid=26328&async=1&visit=s&tmstp=1483820403&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgplinks.co%2FGKoC&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fb028f8534028ebf229451fa3c7d42e2848522b054fe5913f5b0df8ead47129c

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b11%3b89
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 5362ms
1160ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=55814&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Mar 2020 20:40:21 GMT
Server: nginx
X-IPLB-Instance: 20685
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
1 KB 92ms
48ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=340301&pgid=1190984&fmtid=30012&async=1&visit=s&tmstp=1483820403&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgplinks.co%2FGKoC&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b25%3b75
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 6575ms
1214ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=55814&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Mar 2020 20:40:22 GMT
Server: nginx
X-IPLB-Instance: 20685
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 3C2B 14 KB
4 KB 127ms
21ms Script
application/x-javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 1176
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1584045616.446993,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 81
x-cache-hits: 320

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 2AD6 14 KB
4 KB 66ms
21ms Script
application/x-javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 1176
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1584045616.446987,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 81
x-cache-hits: 320

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 103 KB
24 KB 15ms
14ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=55814&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:52:38 GMT
server: nginx
etag: "3d387-19a8c-59e3689a88147"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24569
expires: Fri, 13 Mar 2020 20:39:36 GMT

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
768 B 64ms
18ms XHR
application/json 188.42.160.80
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3105231

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.80 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

992e2cf654f99fd4c71cdccae2572b2f6c800a405ae7d3c5b0c2d822fa9b6463

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://gplinks.co
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 6D30 14 KB
4 KB 28ms
27ms Script
application/x-javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 1176
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1584045616.447440,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 81
x-cache-hits: 321

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame F101 684 KB
173 KB 21ms
21ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc21b094fee15a259b75e27b7819afb36144501533c7cc75a46a35bc0d51437

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: RZFf6L21qe_JtGk1bQuXKyn3109f2YAH
content-encoding: gzip
age: 1070
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
content-length: 177133
x-amz-id-2: X/LSPktifSIDe1IzPEDYjPZdBwttc7ZUjKIYXTXchuglSe6s1qV8WsFzwRVwMc5C2xue9x56KHw=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 20:22:26 GMT
server: AmazonS3
x-timer: S1584045616.492846,VS0,VE0
etag: "c48767b74e40ea594bfc4c88de1f51f6"
vary: Accept-Encoding
x-amz-request-id: 61EC06075833CC5C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 121

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 7B17 684 KB
173 KB 51ms
51ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc21b094fee15a259b75e27b7819afb36144501533c7cc75a46a35bc0d51437

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: RZFf6L21qe_JtGk1bQuXKyn3109f2YAH
content-encoding: gzip
age: 1070
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
content-length: 177133
x-amz-id-2: X/LSPktifSIDe1IzPEDYjPZdBwttc7ZUjKIYXTXchuglSe6s1qV8WsFzwRVwMc5C2xue9x56KHw=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 20:22:26 GMT
server: AmazonS3
x-timer: S1584045616.495935,VS0,VE0
etag: "c48767b74e40ea594bfc4c88de1f51f6"
vary: Accept-Encoding
x-amz-request-id: 61EC06075833CC5C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 122

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 8392 684 KB
173 KB 57ms
57ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc21b094fee15a259b75e27b7819afb36144501533c7cc75a46a35bc0d51437

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: RZFf6L21qe_JtGk1bQuXKyn3109f2YAH
content-encoding: gzip
age: 1070
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
content-length: 177133
x-amz-id-2: X/LSPktifSIDe1IzPEDYjPZdBwttc7ZUjKIYXTXchuglSe6s1qV8WsFzwRVwMc5C2xue9x56KHw=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 20:22:26 GMT
server: AmazonS3
x-timer: S1584045617.502088,VS0,VE0
etag: "c48767b74e40ea594bfc4c88de1f51f6"
vary: Accept-Encoding
x-amz-request-id: 61EC06075833CC5C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 123

OPTIONS
H/1.1 200
OK 3105231 Show response
inpagepush.com/500/ 0
495 B 60ms
14ms XHR
text/plain 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3105231?excludes=&oaid=7ff029d1684645608a201679e5fecce3&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=14&pl=https%3A%2F%2Fgplinks.co%2FGKoC&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3105231

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: GET
Origin: https://gplinks.co
Referer: https://gplinks.co/GKoC
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://gplinks.co
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H2 200 impl.20200312-25-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame F101 446 KB
126 KB 21ms
21ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 153b3d5d0aeb3df898376824b1dae498324952563cfdf86ff2aab0f566ce792f

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: dtfqFvDBodG0vL4YsPmj_.cHIUytJbuz
content-encoding: gzip
age: 5716
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 129044
x-amz-id-2: s1zFNBkAeZHHMSmISy4FwcpQhVTCjgJfbY5pmpHjsOmUjLeWpo3bS7dP+a/xMuJgQr1X8efzB14=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 19:03:21 GMT
server: AmazonS3
x-timer: S1584045617.563780,VS0,VE0
etag: "3a3d6863c20cceb79a1a35e1c8c146cc"
vary: Accept-Encoding
x-amz-request-id: DBF8F61FE09A941E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 81
x-cache-hits: 21658

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame F101 1 KB
1 KB 73ms
25ms Script
application/x-javascript 23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 impl.20200312-25-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 7B17 446 KB
126 KB 21ms
21ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 153b3d5d0aeb3df898376824b1dae498324952563cfdf86ff2aab0f566ce792f

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: dtfqFvDBodG0vL4YsPmj_.cHIUytJbuz
content-encoding: gzip
age: 5716
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 129044
x-amz-id-2: s1zFNBkAeZHHMSmISy4FwcpQhVTCjgJfbY5pmpHjsOmUjLeWpo3bS7dP+a/xMuJgQr1X8efzB14=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 19:03:21 GMT
server: AmazonS3
x-timer: S1584045617.579318,VS0,VE0
etag: "3a3d6863c20cceb79a1a35e1c8c146cc"
vary: Accept-Encoding
x-amz-request-id: DBF8F61FE09A941E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 81
x-cache-hits: 21659

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 7B17 1 KB
1 KB 82ms
25ms Script
application/x-javascript 23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H/1.1 200
OK 3105231 Show response
inpagepush.com/500/ 1 KB
1 KB 20ms
19ms XHR
application/javascript 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

0cb86537a3efe66feba52f36977bd890dfb8982bc6abbd6a68bad454b103fd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e85a372e14c1eeceabef849f6d3347e6
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://gplinks.co
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 impl.20200312-25-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 8392 446 KB
126 KB 22ms
21ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 153b3d5d0aeb3df898376824b1dae498324952563cfdf86ff2aab0f566ce792f

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: dtfqFvDBodG0vL4YsPmj_.cHIUytJbuz
content-encoding: gzip
age: 5716
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 129044
x-amz-id-2: s1zFNBkAeZHHMSmISy4FwcpQhVTCjgJfbY5pmpHjsOmUjLeWpo3bS7dP+a/xMuJgQr1X8efzB14=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 19:03:21 GMT
server: AmazonS3
x-timer: S1584045617.588580,VS0,VE0
etag: "3a3d6863c20cceb79a1a35e1c8c146cc"
vary: Accept-Encoding
x-amz-request-id: DBF8F61FE09A941E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 81
x-cache-hits: 21660

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 8392 1 KB
1 KB 99ms
24ms Script
application/x-javascript 23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 20:40:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 13 Mar 2020 20:40:16 GMT

GET
H2 200 json Show response
trc.taboola.com/themonetizer-gplinksco/trc/3/ Frame F101 4 KB
3 KB 152ms
150ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-gplinksco/trc/3/json?tim=21%3A40%3A16.609&lti=deflated&data=%7B%22id%22%3A964%2C%22ii%22%3A%22%2Fgkoc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584045616607%2C%22cv%22%3A%2220200312-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22340301-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22340301-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bcf01af1bb90cb9df0b669cc0d1fc046d06d37a38c382169e1ecb9e898f2fc0

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 130
date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
server: nginx
x-timer: S1584045617.618981,VS0,VE130
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK 0326448916021.jpeg
static.ptoahaistais.com/contents/s/57/06/31/1a57eaa3570772b00d515f1f14/ 10 KB
11 KB 3087ms
14ms Image
image/jpeg 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/57/06/31/1a57eaa3570772b00d515f1f14/0326448916021.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 071d74ef5f0dd0724f9bde381236e6f7e22017ea3f2ff1079948abeb2772edca

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 20:40:19 GMT
Last-Modified: Thu, 30 Jan 2020 10:47:22 GMT
Server: nginx
ETag: "5e32b43a-2848"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 10312

GET
H2 200 json Show response
trc.taboola.com/themonetizer-gplinksco/trc/3/ Frame 7B17 5 KB
3 KB 190ms
190ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-gplinksco/trc/3/json?tim=21%3A40%3A16.632&lti=deflated&data=%7B%22id%22%3A55%2C%22ii%22%3A%22%2Fgkoc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584045616607%2C%22cv%22%3A%2220200312-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22340301-MEGABANNER%22%2C%22orig_uip%22%3A%22340301-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3420ad08ed4ef40aeed94d00ee5af8f05f84607f9ed0e34b9d310b4c521df6c2

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 169
date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
server: nginx
x-timer: S1584045617.640332,VS0,VE169
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/themonetizer-gplinksco/trc/3/ Frame 8392 5 KB
3 KB 180ms
180ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-gplinksco/trc/3/json?tim=21%3A40%3A16.665&lti=deflated&data=%7B%22id%22%3A686%2C%22ii%22%3A%22%2Fgkoc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584045616607%2C%22cv%22%3A%2220200312-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgplinks.co%2FGKoC%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22340301-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22340301-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: efc79aada871eee69292a5a99371516b217a5272863908b0a3faa30210ca21a6

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 159
date: Thu, 12 Mar 2020 20:40:16 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
server: nginx
x-timer: S1584045617.672800,VS0,VE159
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame F101
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=

0
248 B

24ms
23ms

Image
text/plain

23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616695&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=
Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 7B17 0
248 B 24ms
24ms Image
text/plain 23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616697&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 8392 0
248 B 41ms
24ms Image
text/plain 23.11.238.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584045616697&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgplinks.co%2FGKoC&c9=
Requested by: Host: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/beacon.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20200312-25-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F101 22 KB
8 KB 21ms
21ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200312-25-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffc0ebe7f68e5a3ea1c6c6bcdbe10cc07a2172ed71283149d582497d8c0d1e25

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: m3ZrTge7YgkWSF1V_5T5MxBo8YHX03So
content-encoding: gzip
age: 5711
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 7712
x-amz-id-2: 7Bt7hLhnYplPUR6hxpNm1zwvbOqdfwlgNZMq3X2+YxzsXDHYtFnSQNah5xpoVz5s25O0LTRUOiQ=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 19:03:28 GMT
server: AmazonS3
x-timer: S1584045617.785183,VS0,VE0
etag: "508ed3848e25472d067332408ef91a44"
vary: Accept-Encoding
x-amz-request-id: CFE213BB1C0BECF2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 2628

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 5A91
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22a

0
59 B

31ms
31ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22a
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.840845,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22a
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

200

match
match.zorosrv.com/ Frame 5A91
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc90ad108-9c1d-...
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&excid=218&query=taboola_hm%3Dc90ad108-9c1d-4ee0-8008-44e0c9a8ab41

0
293 B

31ms
30ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&excid=218&query=taboola_hm%3Dc90ad108-9c1d-4ee0-8008-44e0c9a8ab41
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.281394,VS0,VE9
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
x-cache-hits: 0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-served-by: cache-hhn4027-HHN

Redirect headers

date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.249773,VS0,VE9
location: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c90ad108-9c1d-4ee0-8008-44e0c9a8ab41&excid=218&query=taboola_hm%3Dc90ad108-9c1d-4ee0-8008-44e0c9a8ab41
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5A91 0
239 B 115ms
34ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=1f9b5e6a-9e31-4800-8512-cef9d58c15e0&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-net...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%3D

45 B
95 B

31ms
30ms

Image
image/gif

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.160693,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8%3D
Date: Thu, 12 Mar 2020 20:40:18 GMT
Server: nginx
Connection: close
Etag: "c0n52XTl582Ap_UeSZshZq-wF4VYMY9fltnaVq3A5m8="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=58fa5e6a-9e2f-4100-a3de-ad648c0492c4

0
54 B

31ms
30ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=58fa5e6a-9e2f-4100-a3de-ad648c0492c4
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.887480,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Thu, 12 Mar 2020 20:40:11 GMT
Server: MT3 2187 76c51ad master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=58fa5e6a-9e2f-4100-a3de-ad648c0492c4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 12 Mar 2020 20:40:10 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qaArM8OsOkl8&ev=1&pid=562107

0
50 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qaArM8OsOkl8&ev=1&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.815318,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qaArM8OsOkl8&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6qnrOZWyb8ApttUZoAIe&pi=taboola&tc=1

0
50 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6qnrOZWyb8ApttUZoAIe&pi=taboola&tc=1
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.979727,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Thu, 12 Mar 2020 20:40:16 GMT, Thu, 12 Mar 2020 20:40:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=6qnrOZWyb8ApttUZoAIe&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472

0
65 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.978394,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:18 GMT
AN-X-Request-Uuid: df8f240b-1b39-439c-ba16-649671592401
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBbW2OgNIZKbQ-L-IiurvJ4&google_cver=1

0
54 B

31ms
30ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBbW2OgNIZKbQ-L-IiurvJ4&google_cver=1
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.040171,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:17 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBbW2OgNIZKbQ-L-IiurvJ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472

0
197 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.026150,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:19 GMT
AN-X-Request-Uuid: 5972f69c-e790-4e9e-9d0e-88277343a452
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=2128068444612194472
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef45c52c-253f-4d81-b325-cab4e53e2a6f

0
65 B

31ms
31ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef45c52c-253f-4d81-b325-cab4e53e2a6f
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.088963,VS0,VE11
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:17 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ef45c52c-253f-4d81-b325-cab4e53e2a6f
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 5A91
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=669c4533-84cf-48c9-8c2e-0f40f3d22d27-tuct56423b0
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
59 B

38ms
38ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 17
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045619.838648,VS0,VE17
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 5A91 35 B
380 B 398ms
100ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:17 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 5A91 0
176 B 1553ms
95ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=669c4533-84cf-48c9-8c2e-0f40f3d22d27-tuct56423b0&_r=7777597
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 20:40:18 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 5A91
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=5c8aec74-f27f-4f58-8890-9444de3c0884&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa

0
55 B

30ms
30ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.205927,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Thu, 12 Mar 2020 20:40:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=2f576cb9-7eb0-4a58-ade5-57c40f62a3fa
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-gplinksco/log/3/ Frame F101 0
104 B 31ms
30ms XHR
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-gplinksco/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19161-FRA
pragma: no-cache
server: nginx
x-timer: S1584045617.793261,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://gplinks.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 showernl2_1000x600_5e07c889b733e6317208db610c6509ec.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_236%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a7972c96-72a1-4d70-b225-965ae68e0329/ Frame F101 21 KB
22 KB 23ms
22ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_236%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a7972c96-72a1-4d70-b225-965ae68e0329/showernl2_1000x600_5e07c889b733e6317208db610c6509ec.png
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 360f3d747d986490cae2701b3c63009feb2103ec091b74934c2173fc479ba565

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1372042
edge-cache-tag: 472544242969839742573914826670196689868,470233022028354741076995122663275795752,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 26 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_236%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a7972c96-72a1-4d70-b225-965ae68e0329/showernl2_1000x600_5e07c889b733e6317208db610c6509ec.png
content-length: 21549
x-served-by: cache-dca17742-DCA, cache-dca17729-DCA, cache-fra19161-FRA
last-modified: Sun, 26 Jan 2020 18:27:49 GMT
server: cloudinary
x-timer: S1584045618.520283,VS0,VE1
etag: "377081a629ac4f933d3bd666d34e49ac"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame F101 254 B
762 B 21ms
20ms Image
image/png 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20200312-25-RELEASE.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 2797
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19161-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1584045617.815180,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 2
x-cache-hits: 4919

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 318B
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22b

0
183 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22b
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.877376,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf22b
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

200

match
match.zorosrv.com/ Frame 318B
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc12ecddf-24e7-...
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090

0
52 B

29ms
29ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.646750,VS0,VE8
x-served-by: cache-hhn4027-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.617060,VS0,VE9
location: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 318B 0
239 B 24ms
24ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 318B
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=1f9b5e6a-9e31-4800-8512-cef9d58c15e0&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-net...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D

45 B
99 B

31ms
30ms

Image
image/gif

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.438980,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D
Date: Thu, 12 Mar 2020 20:40:18 GMT
Server: nginx
Connection: close
Etag: "HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 318B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=3fa15e6a-9e31-4400-bc2a-b2534f915e3b
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=3fa15e6a-9e31-4400-bc2a-b2534f915e3b

0
201 B

30ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=3fa15e6a-9e31-4400-bc2a-b2534f915e3b
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.738501,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Thu, 12 Mar 2020 20:40:12 GMT
Server: MT3 2187 76c51ad master cdg-pixel-x19
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=3fa15e6a-9e31-4400-bc2a-b2534f915e3b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 12 Mar 2020 20:40:11 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 318B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gWTO7I825afF&ev=1&pid=562107

0
51 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gWTO7I825afF&ev=1&pid=562107
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.815039,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gWTO7I825afF&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-c96d8d657-dvvmz
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 318B
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola&tc=1

0
51 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola&tc=1
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.939649,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Thu, 12 Mar 2020 20:40:17 GMT, Thu, 12 Mar 2020 20:40:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 318B 43 B
690 B 17ms
17ms Image
image/gif 185.33.223.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:19 GMT
AN-X-Request-Uuid: 3abf0d15-c8db-4087-81b0-6932be8ffbc8
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.82:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 318B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1

0
54 B

31ms
31ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.926158,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:17 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 318B 43 B
690 B 21ms
21ms Image
image/gif 185.33.223.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:19 GMT
AN-X-Request-Uuid: 6861f5e8-e714-4e57-9272-5d5973ad3aee
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 318B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc3612ec-4310-42db-bbc9-b2a1900f0f86

0
201 B

30ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc3612ec-4310-42db-bbc9-b2a1900f0f86
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.038477,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:18 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cc3612ec-4310-42db-bbc9-b2a1900f0f86
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 318B 35 B
380 B 102ms
101ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:17 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 318B
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819618501349458&expires=30&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=c3b0fef8-0d58-4a9f-91c9-d96210524ec3

0
57 B

30ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=c3b0fef8-0d58-4a9f-91c9-d96210524ec3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 12 Mar 2020 20:40:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045620.991075,VS0,VE8
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Thu, 12 Mar 2020 20:40:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=c3b0fef8-0d58-4a9f-91c9-d96210524ec3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 userx.20200312-25-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 7B17 22 KB
8 KB 23ms
23ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200312-25-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffc0ebe7f68e5a3ea1c6c6bcdbe10cc07a2172ed71283149d582497d8c0d1e25

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: m3ZrTge7YgkWSF1V_5T5MxBo8YHX03So
content-encoding: gzip
age: 5711
x-cache: HIT
status: 200
date: Thu, 12 Mar 2020 20:40:16 GMT
x-amz-replication-status: COMPLETED
content-length: 7712
x-amz-id-2: 7Bt7hLhnYplPUR6hxpNm1zwvbOqdfwlgNZMq3X2+YxzsXDHYtFnSQNah5xpoVz5s25O0LTRUOiQ=
x-served-by: cache-fra19161-FRA
last-modified: Thu, 12 Mar 2020 19:03:28 GMT
server: AmazonS3
x-timer: S1584045617.851467,VS0,VE0
etag: "508ed3848e25472d067332408ef91a44"
vary: Accept-Encoding
x-amz-request-id: CFE213BB1C0BECF2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 2629

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 318B
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
243 B

30ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045619.040286,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 318B 0
176 B 1316ms
99ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&_r=4323802
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 20:40:19 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close
Content-Length: 0

GET
H2 200 zonnepanelen-nl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//info.consument-centraal.nl/hosted/images/15/ded818398944059cbd784492927c75/ Frame 7B17 15 KB
15 KB 22ms
22ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//info.consument-centraal.nl/hosted/images/15/ded818398944059cbd784492927c75/zonnepanelen-nl.jpg
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: dbee65974b9602303c5d4481765dc724725179d653fdb3406139ce6ae3a6c54b

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2414185
edge-cache-tag: 383053930444419495074963152271820132559,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 09 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//info.consument-centraal.nl/hosted/images/15/ded818398944059cbd784492927c75/zonnepanelen-nl.jpg
content-length: 15147
x-served-by: cache-dca17771-DCA, cache-dca17763-DCA, cache-fra19161-FRA
last-modified: Fri, 07 Feb 2020 12:12:03 GMT
server: cloudinary
x-timer: S1584045618.192328,VS0,VE1
etag: "b01b3a209ca3d1223ad5f4cdcc63035c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 0620c9104482e9fa8e20e222854e912e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7B17 19 KB
19 KB 22ms
21ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0620c9104482e9fa8e20e222854e912e.jpg
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: eff091cd248f1a1e859d23e3f4cb68e2e9b0f85c1e7dd67bfedf49a684c7e857

Request headers

Referer: https://gplinks.co/GKoC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 369069
edge-cache-tag: 494082285155231195818276332001073239549,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 03 Apr 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0620c9104482e9fa8e20e222854e912e.jpg
content-length: 19073
x-served-by: cache-dca17751-DCA, cache-dca17733-DCA, cache-fra19161-FRA
last-modified: Tue, 03 Mar 2020 04:40:36 GMT
server: cloudinary
x-timer: S1584045618.214704,VS0,VE1
etag: "cf54511b6931f39d6a7b786c4a50ce97"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-gplinksco/log/3/ Frame 7B17 0
312 B 30ms
30ms XHR
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-gplinksco/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gplinks.co/GKoC
Origin: https://gplinks.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19161-FRA
pragma: no-cache
server: nginx
x-timer: S1584045617.861968,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://gplinks.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 4720
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf21n

0
51 B

31ms
31ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf21n
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045617.888685,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:16 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82ihf21n
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

200

match
match.zorosrv.com/ Frame 4720
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&tbid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&query=taboola_hm%3Dc12ecddf-24e7-...
https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090

0
52 B

29ms
28ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.318610,VS0,VE8
x-served-by: cache-hhn4027-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.288989,VS0,VE9
location: https://match.zorosrv.com/match?tabid=28bbede7-f79a-4364-a823-a09af9226137-tuct56423b0&extuid=c12ecddf-24e7-4ef5-b8e2-90eb0b2d6090&excid=218&query=taboola_hm%3Dc12ecddf-24e7-4ef5-b8e2-90eb0b2d6090
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4720 0
239 B 32ms
32ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 4720
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D

45 B
256 B

31ms
30ms

Image
image/gif

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 12 Mar 2020 20:40:20 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045621.854121,VS0,VE10
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU%3D
Date: Thu, 12 Mar 2020 20:40:20 GMT
Server: nginx
Connection: close
Etag: "HVASLlYOu75yBlCtJBzko1OKZzF-Yt_renv01DyDoOU="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 4720
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=1f9b5e6a-9e31-4800-8512-cef9d58c15e0

0
56 B

30ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=1f9b5e6a-9e31-4800-8512-cef9d58c15e0
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.489877,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Thu, 12 Mar 2020 20:40:13 GMT
Server: MT3 2187 76c51ad master cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=1f9b5e6a-9e31-4800-8512-cef9d58c15e0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 12 Mar 2020 20:40:12 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 4720
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=J3fqjAazYhs6&ev=1&pid=562107

0
56 B

31ms
31ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=J3fqjAazYhs6&ev=1&pid=562107
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045618.486576,VS0,VE10
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=J3fqjAazYhs6&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 4720
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola

0
61 B

30ms
30ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045619.547598,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Thu, 12 Mar 2020 20:40:18 GMT, Thu, 12 Mar 2020 20:40:18 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=Q0HqowHhUA7YPUNyA6F9&pi=taboola
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 4720 43 B
691 B 14ms
14ms Image
image/gif 185.33.223.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 20:40:20 GMT
AN-X-Request-Uuid: d6834229-8235-4e79-8d97-be6d5bab10cd
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 4720
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1

0
60 B

29ms
29ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1
Requested by: Host: gplinks.co
URL: https://gplinks.co/GKoC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 12 Mar 2020 20:40:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584045619.625279,VS0,VE9
x-served-by: cache-fra19161-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 20:40:18 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIQp4O9TG-btwLFZFLi0Z5A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 4720 43 B
690 B 18ms
17ms Image
image/gif 185.33.223.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200312-25-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS