urlscan.io logo urlscan.io
SecurityTrails logo

dl-file.com Open in urlscan Pro
144.217.183.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Effective URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Submission Tags: falconsandbox
Submission: On May 22 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 11 countries across 128 domains to perform 553 HTTP transactions. The main IP is 144.217.183.17, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is dl-file.com. The Cisco Umbrella rank of the primary domain is 469754.
TLS certificate: Issued by R3 on May 2nd 2022. Valid for: 3 months.
This is the only time dl-file.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 144.217.183.17 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
16 138.199.40.58 60068 (CDN77 ^_^)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
1 158.69.139.226 16276 (OVH)
2 158.69.139.230 16276 (OVH)
1 13.225.223.128 16509 (AMAZON-02)
3 3.134.121.229 16509 (AMAZON-02)
1 172.64.151.83 13335 (CLOUDFLAR...)
3 13.225.223.111 16509 (AMAZON-02)
1 45.55.120.93 14061 (DIGITALOC...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 14 184.50.205.90 16625 (AKAMAI-AS)
2 2 51.222.80.231 16276 (OVH)
1 13.225.223.110 16509 (AMAZON-02)
1 67.202.105.32 32748 (STEADFAST)
15 142.250.80.2 15169 (GOOGLE)
1 206.189.125.55 14061 (DIGITALOC...)
11 23.52.163.40 16625 (AKAMAI-AS)
2 67.202.105.31 32748 (STEADFAST)
1 3.140.54.152 16509 (AMAZON-02)
1 13.225.223.100 16509 (AMAZON-02)
10 10 67.202.105.21 32748 (STEADFAST)
1 2 13.225.223.118 16509 (AMAZON-02)
9 10 68.67.160.132 29990 (ASN-APPNEX)
7 7 107.178.246.49 15169 (GOOGLE)
15 17 35.71.131.137 16509 (AMAZON-02)
1 1 34.231.116.207 14618 (AMAZON-AES)
2 52.0.204.120 14618 (AMAZON-AES)
1 5 35.190.60.146 15169 (GOOGLE)
3 5 54.156.26.12 14618 (AMAZON-AES)
14 41 142.250.65.226 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 67.202.105.22 32748 (STEADFAST)
1 13.225.223.74 16509 (AMAZON-02)
4 8 23.92.190.69 29791 (VOXEL-DOT...)
5 13.225.223.43 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 13.225.222.69 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
4 23.217.18.225 16625 (AKAMAI-AS)
1 35.241.9.51 15169 (GOOGLE)
6 12 68.67.161.175 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
3 30 104.128.64.70 36007 (KAMATERA)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 34.107.254.252 15169 (GOOGLE)
1 3 13.225.223.20 16509 (AMAZON-02)
3 3 52.116.221.248 36351 (SOFTLAYER)
2 23.92.190.74 10913 (INTERNAP-BLK)
4 4 23.23.81.221 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
19 21 35.211.178.172 15169 (GOOGLE)
2 3 104.18.98.194 13335 (CLOUDFLAR...)
4 18.207.82.126 14618 (AMAZON-AES)
3 74.119.119.139 19750 (AS-CRITEO)
10 34.236.83.94 14618 (AMAZON-AES)
1 2 50.31.142.63 23352 (SERVERCEN...)
3 104.36.115.98 62713 (AS-PUBMATIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.20.2.123 14618 (AMAZON-AES)
5 18.219.174.164 16509 (AMAZON-02)
3 3 34.229.3.43 14618 (AMAZON-AES)
1 2 34.111.234.236 15169 (GOOGLE)
4 6 13.225.223.57 16509 (AMAZON-02)
2 33 209.54.180.144 16509 (AMAZON-02)
1 23.217.46.172 16625 (AKAMAI-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
7 23.52.161.180 16625 (AKAMAI-AS)
2 2 69.12.8.74 11742 (SPOTX-IAD)
3 3 34.98.64.218 15169 (GOOGLE)
1 23.227.137.50 55081 (24SHELLS)
16 199.244.49.55 36007 (KAMATERA)
1 2620:116:800b... 14618 (AMAZON-AES)
1 1 54.157.59.45 14618 (AMAZON-AES)
1 6 54.236.139.147 14618 (AMAZON-AES)
4 4 207.198.113.87 13768 (COGECO-PEER1)
1 2 199.187.193.199 47043 (SMARTADSE...)
3 3 23.88.75.188 24940 (HETZNER-AS)
7 23 23.52.162.21 16625 (AKAMAI-AS)
7 9 69.173.151.100 26667 (RUBICONPR...)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 15.235.42.102 16276 (OVH)
10 3.225.178.202 14618 (AMAZON-AES)
1 13.225.223.24 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 104.16.108.154 13335 (CLOUDFLAR...)
1 1 34.206.33.80 14618 (AMAZON-AES)
2 2 35.84.99.10 16509 (AMAZON-02)
1 40.71.11.141 8075 (MICROSOFT...)
1 1 64.58.232.179 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
2 2 13.225.223.18 16509 (AMAZON-02)
1 1 199.127.207.188 26120 (RHYTHMONE)
3 4 173.231.178.85 29791 (VOXEL-DOT...)
8 8 74.121.140.14 30419 (MEDIAMATH...)
5 5 151.101.66.49 54113 (FASTLY)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
5 2607:f8b0:400... 15169 (GOOGLE)
5 34.149.40.38 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 63.251.28.218 26558 (FREEWHEEL)
6 6 18.215.140.171 14618 (AMAZON-AES)
2 2 2600:9000:21e... 16509 (AMAZON-02)
2 3 51.222.239.232 16276 (OVH)
12 13 64.202.112.255 22075 (AS-OUTBRAIN)
7 54.163.145.252 14618 (AMAZON-AES)
2 2 199.187.193.177 47043 (SMARTADSE...)
8 18 52.70.124.83 14618 (AMAZON-AES)
3 3.221.62.183 14618 (AMAZON-AES)
2 7 198.148.27.139 19189 (PULSEPOINT)
4 19 52.223.22.214 16509 (AMAZON-02)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 37.157.2.234 198622 (ADFORM)
5 23.227.139.243 55081 (24SHELLS)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
3 2600:9000:21e... 16509 (AMAZON-02)
1 2 34.196.247.148 14618 (AMAZON-AES)
1 13 54.87.127.173 14618 (AMAZON-AES)
2 2 185.167.164.43 198622 (ADFORM)
3 3 70.42.32.223 22075 (AS-OUTBRAIN)
3 3 35.190.90.30 15169 (GOOGLE)
3 3 18.204.53.248 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 34.233.85.84 14618 (AMAZON-AES)
1 1 132.226.41.106 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
4 4 44.198.251.190 14618 (AMAZON-AES)
6 6 199.127.204.147 26120 (RHYTHMONE)
1 2 199.187.193.197 47043 (SMARTADSE...)
6 6 2606:ae80:145... 26762 (CNVR-US-EAST)
2 2 192.132.33.46 18568 (BIDTELLECT)
2 2 52.54.42.45 14618 (AMAZON-AES)
1 1 124.146.215.44 2514 (INFOSPHER...)
3 9 23.1.200.83 16625 (AKAMAI-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13 3.127.213.224 16509 (AMAZON-02)
1 15 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 54.175.87.114 14618 (AMAZON-AES)
5 5 35.207.24.140 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
1 1 66.180.64.123 62961 (BISNET1)
1 2 142.250.80.38 15169 (GOOGLE)
1 1 8.39.36.142 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2001:4998:14:... 14777 (YAHOO)
2 141.95.98.67 16276 (OVH)
1 15 23.52.167.93 16625 (AKAMAI-AS)
2 2 35.211.141.197 19527 (GOOGLE-2)
1 1 199.38.167.128 54312 (ROCKETFUEL)
2 2 54.93.71.13 16509 (AMAZON-02)
2 2 74.119.119.150 19750 (AS-CRITEO)
2 2 44.201.217.92 14618 (AMAZON-AES)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 18.206.6.38 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 194.213.62.37 13036 (TMOBILE-)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:ba61:0:1... 35625 (EURAFIBRE-AS)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 162.55.233.29 24940 (HETZNER-AS)
2 2 3.124.13.195 16509 (AMAZON-02)
2 2 96.46.186.57 7979 (SERVERS-COM)
1 1 34.228.204.193 14618 (AMAZON-AES)
6 34.117.239.71 396982 (GOOGLE-CL...)
1 1 8.43.72.98 26667 (RUBICONPR...)
3 199.187.193.204 47043 (SMARTADSE...)
553 129
26    144.217.183.17 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555652.ip-144-217-183.net
dl-file.com
1    2607:f8b0:4006:822::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
6    2607:f8b0:4006:809::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
16    138.199.40.58 (United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com
kumo.network-n.com
2    2607:f8b0:4006:817::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:822::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net
s4.histats.com
1    158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net
e.dtscout.com
2    158.69.139.230 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-158-69-139.net
t.dtscout.com
1    13.225.223.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-128.jfk51.r.cloudfront.net
get.s-onetag.com
3    3.134.121.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-121-229.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
3    13.225.223.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-111.jfk51.r.cloudfront.net
tags.crwdcntrl.net
1    45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
2    2606:4700:3030::6815:4e62 (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
14    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
1    13.225.223.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-110.jfk51.r.cloudfront.net
onetag-geo.s-onetag.com
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
15    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
1    206.189.125.55 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
geoip.network-n.com
11    23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    3.140.54.152 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-54-152.us-east-2.compute.amazonaws.com
mb.moatads.com
1    13.225.223.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-100.jfk51.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
10    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
dp2.33across.com
ssc-cms.33across.com
2    13.225.223.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-118.jfk51.r.cloudfront.net
map.go.affec.tv
10    68.67.160.132 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
7    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
17    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.231.116.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com
usermatch.krxd.net
2    52.0.204.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-204-120.compute-1.amazonaws.com
beacon.krxd.net
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
5    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
41    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp1.33across.com
1    13.225.223.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-74.jfk51.r.cloudfront.net
data-beacons.s-onetag.com
8    23.92.190.69 (Cramerton, United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
5    13.225.223.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-43.jfk51.r.cloudfront.net
cdn.privacy-mgmt.com
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
network-n-com.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)
00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
8    13.225.222.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-222-69.jfk51.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    23.217.18.225 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-225.deploy.static.akamaitechnologies.com
t.sharethis.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
00917082-71e9-498e-8343-00c3df06b798.prmutv.co
12    68.67.161.175 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
30    104.128.64.70 (New York, United States)

ASN36007 (KAMATERA, US)
live.primis.tech
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
10    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
3    13.225.223.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-20.jfk51.r.cloudfront.net
api.intentiq.com
3    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
2    23.92.190.74 (Cramerton, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
4    23.23.81.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-81-221.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4680:700d:3b5d:9173:685 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
21    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    104.18.98.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    18.207.82.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-82-126.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
10    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    50.31.142.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1h.zemanta.com
3    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    23.20.2.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-2-123.compute-1.amazonaws.com
tlx.3lift.com
5    18.219.174.164 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-174-164.us-east-2.compute.amazonaws.com
sync.sharethis.com
3    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadus.exelator.com
loadm.exelator.com
2    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
6    13.225.223.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-57.jfk51.r.cloudfront.net
sync.intentiq.com
33    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    23.217.46.172 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-46-172.deploy.static.akamaitechnologies.com
tags.bkrtx.com
4    2607:f8b0:4006:80d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    69.12.8.74 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    23.227.137.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
16    199.244.49.55 (New York, United States)

ASN36007 (KAMATERA, US)
video.primis.tech
1    2620:116:800b:21:61c0:eb61:c438:2f4e (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    54.157.59.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-59-45.compute-1.amazonaws.com
rtb.adstanding.com
6    54.236.139.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-139-147.compute-1.amazonaws.com
ads.yieldmo.com
4    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    199.187.193.199 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
3    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
23    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2600:1f18:612b:4232:40ff:2de3:a398:119a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mb9eo.publishers.tremorhub.com
1    15.235.42.102 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl
wt.rqtrk.eu
10    3.225.178.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-178-202.compute-1.amazonaws.com
sync.crwdcntrl.net
1    13.225.223.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-24.jfk51.r.cloudfront.net
audex.userreport.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    104.16.108.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    34.206.33.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com
px.surveywall-api.survata.com
2    35.84.99.10 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-99-10.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    64.58.232.179 (San Diego, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (San Diego, United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
2    13.225.223.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-18.jfk51.r.cloudfront.net
aa.agkn.com
1    199.127.207.188 (United States)

ASN26120 (RHYTHMONE, US)
dt-secure.videohub.tv
4    173.231.178.85 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
8    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
5    2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    63.251.28.218 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
6    18.215.140.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-140-171.compute-1.amazonaws.com
match.prod.bidr.io
2    2600:9000:21ec:8800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
13    64.202.112.255 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
7    54.163.145.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-145-252.compute-1.amazonaws.com
rtb.gumgum.com
2    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
18    52.70.124.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-124-83.compute-1.amazonaws.com
match.sharethrough.com
3    3.221.62.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-62-183.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
19    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
5    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.console.adtarget.com.tr
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    2600:9000:21ec:6000:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    34.196.247.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-247-148.compute-1.amazonaws.com
um2.eqads.com
13    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
3    18.204.53.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-53-248.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2600:1f18:4e9:5a02:ee0e:7d4f:fdcd:65ce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    34.233.85.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-85-84.compute-1.amazonaws.com
sync.ipredictive.com
1    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    44.198.251.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-251-190.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
6    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
6    2606:ae80:1451:19::1370 (United States)

ASN26762 (CNVR-US-EAST, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
33across-match.dotomi.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
cs.emxdgt.com
1    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
9    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
4    2607:f8b0:4006:820::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
2    2607:f8b0:4006:816::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
1    2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)
intake.pbstck.com
2    2607:f8b0:4006:81d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
13    3.127.213.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
ih.adscale.de
15    2607:f8b0:4006:80f::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:824::2006 (Staten Island, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
10    2607:f8b0:4006:80e::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    66.180.64.123 (United States)

ASN62961 (BISNET1, US)
PTR: 66-180-64-123.blueshift.net
924-img.c3tag.com
2    142.250.80.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net
ad.doubleclick.net
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    2607:f8b0:4006:80f::2006 (Staten Island, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
3    2607:f8b0:4006:81d::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:817::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
2    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
id5-sync.com
15    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
2    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
1    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    54.93.71.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-71-13.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    44.201.217.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-201-217-92.compute-1.amazonaws.com
ads.avct.cloud
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    18.206.6.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-6-38.compute-1.amazonaws.com
cc.adingo.jp
3    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    194.213.62.37 (Novy Jicin, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid4.ibillboard.com
bbnaut.ibillboard.com
1    2607:f8b0:4006:81e::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)
r1---sn-apaapm4g-apae.gvt1.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    3.124.13.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-13-195.eu-central-1.compute.amazonaws.com
tracking.m6r.eu
tracking-a.dsp.m6r.eu
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    34.228.204.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-204-193.compute-1.amazonaws.com
cms-xch.33across.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
events-ssc.33across.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
Apex Domain
Subdomains		 Transfer
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
ad.doubleclick.net — Cisco Umbrella Rank: 202
static.doubleclick.net — Cisco Umbrella Rank: 358
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
pubads.g.doubleclick.net — Cisco Umbrella Rank: 482
234 KB
46 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3041
video.primis.tech — Cisco Umbrella Rank: 6031
3 MB
41 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
107 KB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
153 KB
26 dl-file.com
dl-file.com — Cisco Umbrella Rank: 469754
2 MB
23 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum.casalemedia.com — Cisco Umbrella Rank: 1323
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
27 KB
22 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 424
ib.adnxs.com — Cisco Umbrella Rank: 240
21 KB
21 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 559
eb2.3lift.com — Cisco Umbrella Rank: 414
9 KB
21 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
9 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1176
usersync.gumgum.com — Cisco Umbrella Rank: 2306
6 KB
20 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
eus.rubiconproject.com — Cisco Umbrella Rank: 556
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4494
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1206
38 KB
18 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 634
5 KB
18 33across.com
dp2.33across.com — Cisco Umbrella Rank: 9721
dp1.33across.com — Cisco Umbrella Rank: 5540
ssc-cms.33across.com — Cisco Umbrella Rank: 992
cms-xch.33across.com — Cisco Umbrella Rank: 3646
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 2225
events-ssc.33across.com — Cisco Umbrella Rank: 1668
7 KB
17 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1063
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
ads.yahoo.com — Cisco Umbrella Rank: 1156
6 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
10 KB
17 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1570
bcp.crwdcntrl.net — Cisco Umbrella Rank: 891
sync.crwdcntrl.net — Cisco Umbrella Rank: 721
24 KB
17 network-n.com
kumo.network-n.com — Cisco Umbrella Rank: 37580
geoip.network-n.com — Cisco Umbrella Rank: 44412
144 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7301
ih.adscale.de — Cisco Umbrella Rank: 5643
16 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1191
contextual.media.net — Cisco Umbrella Rank: 526
hbx.media.net — Cisco Umbrella Rank: 1514
cs.media.net — Cisco Umbrella Rank: 1513
c21lg-d.media.net — Cisco Umbrella Rank: 1681
36 KB
15 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4440
b1sync.zemanta.com — Cisco Umbrella Rank: 558
8 KB
14 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 458
stags.bluekai.com — Cisco Umbrella Rank: 481
7 KB
12 moatads.com
z.moatads.com — Cisco Umbrella Rank: 374
mb.moatads.com — Cisco Umbrella Rank: 569
px.moatads.com — Cisco Umbrella Rank: 405
190 KB
12 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 11534
t.sharethis.com — Cisco Umbrella Rank: 6046
sync.sharethis.com — Cisco Umbrella Rank: 2962
17 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2349
api.permutive.com — Cisco Umbrella Rank: 1867
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 344
217 KB
10 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
ads.pubmatic.com — Cisco Umbrella Rank: 439
41 KB
10 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1842
mp.4dex.io — Cisco Umbrella Rank: 2444
u.4dex.io
27 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
dis.criteo.com — Cisco Umbrella Rank: 725
10 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
ce.lijit.com — Cisco Umbrella Rank: 917
5 KB
9 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1477
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 7327
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1210
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611
4 KB
9 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 656
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5213
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 9275
5 KB
9 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1683
sync.intentiq.com — Cisco Umbrella Rank: 1333
8 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
237 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
4 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 74
2 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 560
6 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 437
698 B
6 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 3755
medianet-match.dotomi.com — Cisco Umbrella Rank: 8887
33across-match.dotomi.com — Cisco Umbrella Rank: 3123
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
2 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 520 Failed
3 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5436
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5881
3 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
imasdk.googleapis.com — Cisco Umbrella Rank: 407
335 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 858
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 525
i6.liadm.com — Cisco Umbrella Rank: 1678
2 KB
5 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8948
cdn.pbstck.com — Cisco Umbrella Rank: 10737
intake.pbstck.com — Cisco Umbrella Rank: 9048
95 KB
5 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 5043
58 KB
5 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 904
3 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 330
id.rlcdn.com — Cisco Umbrella Rank: 598
api.rlcdn.com Failed
885 B
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 646
match.360yield.com — Cisco Umbrella Rank: 4319
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 690
1 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 2172
c1.adform.net — Cisco Umbrella Rank: 571
track.adform.net — Cisco Umbrella Rank: 3865
2 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
3 KB
4 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2356
odr.mookie1.com — Cisco Umbrella Rank: 947
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
3 KB
4 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 8127
ic.tynt.com — Cisco Umbrella Rank: 4602
de.tynt.com — Cisco Umbrella Rank: 1307
10 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3529
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4130
onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 24309
data-beacons.s-onetag.com — Cisco Umbrella Rank: 10981
14 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 782
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
1 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 811
ad.turn.com — Cisco Umbrella Rank: 755
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
712 B
3 openx.net
u.openx.net — Cisco Umbrella Rank: 756
us-u.openx.net — Cisco Umbrella Rank: 399
700 B
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1244
loadm.exelator.com — Cisco Umbrella Rank: 1247
3 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 551
721 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
1 KB
3 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1256
beacon.krxd.net — Cisco Umbrella Rank: 472
836 B
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14266
t.dtscout.com — Cisco Umbrella Rank: 11895
11 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1895
1 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 13455
tracking-a.dsp.m6r.eu — Cisco Umbrella Rank: 867287
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1326
r1---sn-apaapm4g-apae.gvt1.com
2 MB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 818
s.tribalfusion.com — Cisco Umbrella Rank: 2566
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2865
894 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 887
2 KB
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 4604
771 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
78 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 933
528 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 822
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1042
895 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3616
564 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 741
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 675
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 441
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com
995 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 518
1 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1640
468 B
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 6260
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3281
726 B
2 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 20363
1 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14816
s4.histats.com — Cisco Umbrella Rank: 12295
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1625
159 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 232
667 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 18966
550 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3286
417 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
686 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
42 KB
1 c3tag.com
924-img.c3tag.com — Cisco Umbrella Rank: 29719
667 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1802
833 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
222 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1163
572 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1227
637 B
1 videohub.tv
dt-secure.videohub.tv — Cisco Umbrella Rank: 6120
553 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1924
513 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 10107
542 B
1 survata.com
px.surveywall-api.survata.com — Cisco Umbrella Rank: 3065
783 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2155
543 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 679
241 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 3774
433 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 9639
351 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 8072
357 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
372 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3167
16 KB
1 prmutv.co
00917082-71e9-498e-8343-00c3df06b798.prmutv.co — Cisco Umbrella Rank: 101503
223 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
2 KB
1 permutive.app
00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app — Cisco Umbrella Rank: 37808
207 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1116
8 KB
1 videoplayerhub.com
network-n-com.videoplayerhub.com — Cisco Umbrella Rank: 60351
538 B
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1764
183 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 13247
407 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
39 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
0 inmobi.com Failed
sync.inmobi.com Failed
0 sekindo.com Failed
amli.sekindo.com Failed
553 128
Domain Requested by
33 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
bh.contextweb.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
contextual.media.net
30 live.primis.tech 3 redirects kumo.network-n.com
live.primis.tech
27 cm.g.doubleclick.net 14 redirects bcp.crwdcntrl.net
rtb.gumgum.com
eus.rubiconproject.com
googleads.g.doubleclick.net
eb2.3lift.com
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
26 dl-file.com 1 redirects dl-file.com
21 x.bidswitch.net 19 redirects rtb.gumgum.com
19 eb2.3lift.com 4 redirects live.primis.tech
eb2.3lift.com
kumo.network-n.com
18 match.sharethrough.com 8 redirects s.amazon-adsystem.com
match.sharethrough.com
17 match.adsrvr.org 15 redirects live.primis.tech
kumo.network-n.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
srcdoc
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 video.primis.tech live.primis.tech
16 kumo.network-n.com dl-file.com
kumo.network-n.com
15 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
dl-file.com
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
14 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 usersync.gumgum.com 1 redirects rtb.gumgum.com
13 b1sync.zemanta.com 12 redirects
12 ib.adnxs.com 6 redirects 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
eb2.3lift.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 sync.crwdcntrl.net bcp.crwdcntrl.net
10 c2shb.pubgw.yahoo.com kumo.network-n.com
live.primis.tech
10 api.permutive.com 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
10 secure.adnxs.com 9 redirects dl-file.com
9 contextual.media.net live.primis.tech
contextual.media.net
9 securepubads.g.doubleclick.net kumo.network-n.com
securepubads.g.doubleclick.net
dl-file.com
imasdk.googleapis.com
8 ssc-cms.33across.com 8 redirects
8 px.moatads.com
8 stags.bluekai.com 7 redirects eb2.3lift.com
8 sync.mathtag.com 8 redirects
8 c.amazon-adsystem.com kumo.network-n.com
c.amazon-adsystem.com
live.primis.tech
8 ap.lijit.com 4 redirects dl-file.com
7 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
7 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
7 ads.pubmatic.com live.primis.tech
s.amazon-adsystem.com
rtb.gumgum.com
kumo.network-n.com
dl-file.com
7 pixel.tapad.com 7 redirects
6 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
dl-file.com
de.tynt.com
6 match.prod.bidr.io 6 redirects
6 sync.1rx.io
6 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
6 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
6 sync.intentiq.com 4 redirects
6 tags.bluekai.com 1 redirects dl-file.com
de.tynt.com
bcp.crwdcntrl.net
tags.bkrtx.com
6 www.google.com 1 redirects dl-file.com
tpc.googlesyndication.com
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
5 rtb.mfadsrvr.com 5 redirects
5 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
5 u.4dex.io de.tynt.com
ssbsync.smartadserver.com
5 fonts.gstatic.com fonts.googleapis.com
5 sync-tm.everesttech.net 5 redirects
5 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
5 sync.sharethis.com bcp.crwdcntrl.net
5 gum.criteo.com 2 redirects static.criteo.net
contextual.media.net
5 cdn.privacy-mgmt.com kumo.network-n.com
cdn.privacy-mgmt.com
5 ps.eyeota.net 3 redirects dl-file.com
bcp.crwdcntrl.net
4 pubads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
4 creativecdn.com 4 redirects
4 cm.adgrx.com 3 redirects ssum-sec.casalemedia.com
4 pixel-sync.sitescout.com 4 redirects
4 fonts.googleapis.com dl-file.com
live.primis.tech
securepubads.g.doubleclick.net
4 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
4 i.liadm.com 4 redirects
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 events-ssc.33across.com de.tynt.com
3 cms-xch-chicago.33across.com de.tynt.com
3 csi.gstatic.com imasdk.googleapis.com
3 cs.media.net 1 redirects contextual.media.net
3 id.rlcdn.com eus.rubiconproject.com
contextual.media.net
ssbsync.smartadserver.com
3 px.ads.linkedin.com 2 redirects eus.rubiconproject.com
3 googleads.g.doubleclick.net ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
dl-file.com
3 secure-assets.rubiconproject.com 3 redirects
3 ad.360yield.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 odr.mookie1.com 3 redirects
3 sync.outbrain.com 3 redirects
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 onetag-sys.com 2 redirects dl-file.com
3 csync.loopme.me 3 redirects
3 mp.4dex.io kumo.network-n.com
eus.rubiconproject.com
3 hbopenbid.pubmatic.com kumo.network-n.com
live.primis.tech
3 mug.criteo.com
3 p.adsymptotic.com 2 redirects eb2.3lift.com
3 um.simpli.fi 3 redirects
3 api.intentiq.com 1 redirects data-beacons.s-onetag.com
3 z.moatads.com kumo.network-n.com
z.moatads.com
live.primis.tech
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 pd.sharethis.com e.dtscout.com
t.sharethis.com
2 33across-match.dotomi.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 ads.avct.cloud 2 redirects
2 dis.criteo.com 2 redirects
2 pm.w55c.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 m.fg8dgt.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 id5-sync.com live.primis.tech
kumo.network-n.com
2 ad.doubleclick.net 1 redirects dl-file.com
2 ups.analytics.yahoo.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 s0.2mdn.net imasdk.googleapis.com
googleads.g.doubleclick.net
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 cs.emxdgt.com 2 redirects
2 bttrack.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects dl-file.com
2 sync.ipredictive.com 2 redirects
2 c1.adform.net 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 ad.turn.com 2 redirects
2 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
2 ssbsync-us.smartadserver.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 ads.stickyadstv.com live.primis.tech
2 aa.agkn.com 2 redirects
2 dpm.demdex.net 2 redirects
2 mb9eo.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 1 redirects
2 u.openx.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 ml314.com 1 redirects
2 loadus.exelator.com 2 redirects
2 intake.pbstck.com dl-file.com
2 tlx.3lift.com kumo.network-n.com
live.primis.tech
2 b1h.zemanta.com 1 redirects kumo.network-n.com
2 ce.lijit.com
2 script.4dex.io kumo.network-n.com
script.4dex.io
2 cdn.pbstck.com boot.pbstck.com
2 idsync.rlcdn.com 1 redirects dl-file.com
2 beacon.krxd.net dl-file.com
bcp.crwdcntrl.net
2 map.go.affec.tv 1 redirects dl-file.com
2 dp2.33across.com 2 redirects
2 de.tynt.com cdn.tynt.com
dl-file.com
2 pixel.onaudience.com 2 redirects
2 a.dtssrv.com e.dtscout.com
2 t.dtscout.com e.dtscout.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 cms-xch.33across.com 1 redirects
1 tracking-a.dsp.m6r.eu 1 redirects
1 tracking.m6r.eu 1 redirects
1 sync.richaudience.com dl-file.com
1 track.adform.net 1 redirects
1 c.bing.com eb2.3lift.com
1 r1---sn-apaapm4g-apae.gvt1.com
1 redirector.gvt1.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 cc.adingo.jp 1 redirects
1 match.360yield.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 p.rfihub.com 1 redirects
1 hbx.media.net contextual.media.net
1 ads.yahoo.com eus.rubiconproject.com
1 www.googletagservices.com ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
1 static.doubleclick.net dl-file.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 924-img.c3tag.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 tg.socdm.com 1 redirects
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 loadm.exelator.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 us-u.openx.net 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 ums.acuityplatform.com 1 redirects
1 prebid.media.net live.primis.tech
1 d.turn.com 1 redirects
1 dt-secure.videohub.tv 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 c.cintnetworks.com bcp.crwdcntrl.net
1 px.surveywall-api.survata.com 1 redirects
1 dmp.truoptik.com bcp.crwdcntrl.net
1 trc.taboola.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 rtb.adstanding.com 1 redirects
1 pixel.quantserve.com
1 s.console.adtarget.com.tr live.primis.tech
1 tags.bkrtx.com pd.sharethis.com
1 i6.liadm.com
1 cdn.permutive.com 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
1 00917082-71e9-498e-8343-00c3df06b798.prmutv.co 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
1 boot.pbstck.com kumo.network-n.com
1 cdn.jsdelivr.net kumo.network-n.com
1 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app kumo.network-n.com
1 btloader.com dl-file.com
1 network-n-com.videoplayerhub.com 1 redirects
1 data-beacons.s-onetag.com get.s-onetag.com
1 dp1.33across.com 1 redirects
1 spl.zeotap.com dl-file.com
1 usermatch.krxd.net 1 redirects
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 mb.moatads.com z.moatads.com
1 geoip.network-n.com kumo.network-n.com
1 ic.tynt.com dl-file.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 t.dtscdn.com e.dtscout.com
1 cdn.tynt.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com dl-file.com
1 www.gstatic.com www.google.com
1 static.criteo.net dl-file.com
1 maxcdn.bootstrapcdn.com dl-file.com
1 www.googletagmanager.com dl-file.com
0 api.rlcdn.com Failed kumo.network-n.com
0 sync.inmobi.com Failed s.amazon-adsystem.com
0 amli.sekindo.com Failed
553 214
Subject Issuer Validity Valid
dl-file.com
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
kumo.network-n.com
R3		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
histats.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
sharethis.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.dtscdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-04 -
2022-12-04		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
geoip.network-n.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-08 -
2022-11-08		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.privacy-mgmt.com
R3		 2022-05-21 -
2022-08-19		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-05-16 -
2022-08-14		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
cert1.a1.atm.aqfer.net
R3		 2022-05-12 -
2022-08-10		 3 months crt.sh
*.prmutv.co
R3		 2022-04-12 -
2022-07-11		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2022-04-19 -
2022-06-18		 2 months crt.sh
api.permutive.com
R3		 2022-04-20 -
2022-07-19		 3 months crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-03-29 -
2022-06-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.rqtrk.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-18 -
2022-06-18		 a year crt.sh
*.userreport.com
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.truoptik.com
Entrust Certification Authority - L1K		 2021-10-22 -
2022-10-22		 a year crt.sh
*.cintnetworks.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-04 -
2022-11-04		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2022-05-12 -
2022-08-10		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh

This page contains 77 frames:

Primary Page: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Frame ID: 708D4068EE5DC96EF3E673594FEBF888
Requests: 178 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001653251084643A347CED243E8EEA
Frame ID: 8D75B60B4E041C9B0E2D4DD4B9C93688
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 93601FB58D408A2DCF797CFCA4656D29
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=119145340192793&ret=html&random=1653251085
Frame ID: 8F3ECDAFE4A9EE4C42BFE0B132921A59
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com
Frame ID: 283437D4ECBF12EAD8D6D4D75C11585D
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21963
Frame ID: 8E218934C1BDC5AA79088E901FEA807D
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741&cbuster=1653251085&pubUrlAuto=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkZnNnprcGN6Z2hxZHIlMkZCYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhciUyMiU3RCU3RA==
Frame ID: FDC3D313B49187DC2C9EFD27AE989616
Requests: 41 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
Frame ID: 062DDDC3E6ADE28D6081AA73A0541B31
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.943.23339/a/CA/t_.js?cid=c010&cls=C
Frame ID: 6CFF5ACEF2E21275F7D5CC77005125E3
Requests: 7 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 901FCB137F3AF822ECC9A331C561F182
Requests: 1 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 48F683847B794CD0675C6B55D3246114
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Frame ID: E4568C7FC39FB0F8BA55804DFF03E927
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 27B1D619EB618AC66103AE2D6F78B252
Requests: 24 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 944E3076F868EEECEFB7FEB8719AD898
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 2E03F0CF0A0940BBB1F82BACD59E9522
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=94&advUuid=38d217dd-da0d-11ec-8eb3-1d3b083c0303
Frame ID: 016DE8D898097E4358BC34FC1CAADD1B
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=98&advUuid=e011f362-90df-49ea-a95d-53df5909a4d9
Frame ID: A8B4196CAFB05A6158FD8D7A4CE2DF41
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: DB9015CE7442AF9828AF0EE18C544B08
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: 4001EEA471C29B4E0A00C6B8B350CCF4
Requests: 7 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Frame ID: 1DBF35475327EC808EDED3B65D8E6E8B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 41EBA0241EFD96B528F57E6EC99A3D23
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 581AE195C39DC41337C5B18A2E346E0C
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Frame ID: A95E0FFC2827536FF7B3B35C34DAEE76
Requests: 1 HTTP requests in this frame

Frame: https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
Frame ID: E5F8103461F8252F7AF9D1E7878C7A86
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: A1A7C453E348B230E73B0BB7C4F1B551
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: 080B25766E1310B6FF8E15A0C7F86E62
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 807EE0E0AF3754AE2A9221508A664D79
Requests: 7 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: AFF82F21CC7BD1F7EB02278FE9A55023
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381419749697304055279
Frame ID: 1BC5F7A4D20012D7C1F946909083821C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Beeswax_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain
Frame ID: A2C3092110EBB0A168DE3713D2911B0A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 75ED9F18ADF9449C0794432ABBD98E22
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 80A9FC6D0087C1B82BC008A509ACD23D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 3CA7475F7FF06930440D669DFE001DBA
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cARoN1Zi0F9JT8Xj9Aen&pi=admatic&tc=1
Frame ID: 83AB4809FA598B441F74AA75C3944B0B
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 809678F41AB92CDE24F4794F80C18F36
Requests: 5 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C68F614C867C92919173B0E1B0429C75
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Frame ID: 083AA137A95F54E0B4B1313FA1E29A6B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YoqcDgADRCjODwAj&gdpr=0&gdpr_consent=
Frame ID: 9456BBC2503D521B7A2EE060C8049454
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMGZmMTExYy0zMzQ3LTQ5M2EtODdhYy02ZmUyN2Q0YTAwZjc=&gdpr=0&gdpr_consent=
Frame ID: 5534EFA7C147FA8DB37DBEA6C398D20E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6F1DC7AAAA299494FDB53750716F0456
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=e7d976ba-c653-41a4-983d-9d0c2b298e72&t=1655843087
Frame ID: B25379564517C3F19B43DF9264CC6577
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6542586661939034833brt77451653251087190954b2
Frame ID: 93F76F3014A3EC4B56BB840B4B67114B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YoqcD8Co8XgAADv0D44AAAAA
Frame ID: 9DA5EC64031678689C76F546A365F54E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=cARoN1Zi0F9JT8Xj9Aen&pi=gumgum&tc=1
Frame ID: 47BF851B6D77D67ACE3B26B8458EBDF5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 4D37C468768C9EF074BF0B63C0EF5518
Requests: 2 HTTP requests in this frame

Frame: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C5609869A7A0146C9DB3D0307F13FA83
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 44C0F7333FBC12E9D40BA667CD29E2A8
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: D5CF955BCDA856CC0552B9BAAF09154A
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 87769603C5767E997712022E32A2788B
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 0AC4A0F73C7074DB3366EC6BF1D5CD90
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: CAB3F0A06049ECF4010F63088DDEDC75
Requests: 5 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: D3555E358D581B9FFF6CFB85BE7B5142
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Frame ID: 7919CB6CA0B42716D50E0B562DB13550
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 7988428B58B631C91E4C9DD53ECA7E5E
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: F57B3EA9C51CC689458F60875F0201D2
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7B11010052351926CE3F4F0BAD250ACA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D73B13C9E6E67E86FFA5D79A224607EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33EB02CA506442B4A1389423C1B2EEE5
Requests: 2 HTTP requests in this frame

Frame: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F6CFB01D8A1D1861D05D9DC05F8590D
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 6FB992F86B1BD125431CFBA2C81D378D
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: AA48E51B3F9557DAB6FABFE766544734
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Frame ID: 2928D55D718E92832E12398EF366528D
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160887
Frame ID: 59EA31592EDAEDFCF7762B1457D2BDEC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: BB45C47D8D72341D1B6FF326ED4DDA09
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 779F8FA4BECDED0AC68AA7F84E020ADB
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B00D70617A389446C2A1D71A0CBB13AA
Requests: 9 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 40283B3CCC745C0A3B47781951872019
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2962526861455797000V10&type=rkt&refUrl=&vid=32510886792962526861455797000V10&ovsid=979321824873700273
Frame ID: F4D896962CFF7E7DD2DEC45F985D1833
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48809CDBB8D89FD909CE3A32809EB2BE
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8999F2CB56F6F95A223AE688D5C79F8A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=
Frame ID: C0D681C9744363FCEB22C61E140BF274
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: D7F31CA74D140EE851138C89EC45620C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 55DCDA002A08498EB54694B674249421
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 2A28F0048B8C260858101B6959C196D8
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: ED97B07C178CC3F7C57C715A46AC1D2F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: BE41676D5C83F5F063D4DD70F3CA0EC2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: 19432A642756410DC315D9E3F2906902
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Banks 2012 Chevy131217 rar

Page URL History Show full URLs

  1. http://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html HTTP 301
    https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

553
Requests

68 %
HTTPS

24 %
IPv6

128
Domains

214
Subdomains

129
IPs

11
Countries

9956 kB
Transfer

16612 kB
Size

278
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html HTTP 301
    https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001653251084643A347CED243E8EEA HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=234e86bdb3e0c5dd
Request Chain 70
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1653251085268.4 HTTP 302
  • https://tags.bluekai.com/site/27519?id=119145340192793&ret=html&random=1653251085
Request Chain 71
  • https://map.go.affec.tv/map/3a/?pid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&ts=1653251085268.1 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D628a9c0dd6bfb40001b82881%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D628a9c0dd6bfb40001b82881%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D HTTP 302
  • https://map.go.affec.tv/map/an/1208351848795471557?ch=628a9c0dd6bfb40001b82881&chc=tt&floc=&redirect_url=
Request Chain 72
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 73
  • https://dp2.33across.com/ps/?pid=1205&random=1653251085268.3 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=2105641270506
Request Chain 74
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&33random=1653251085268.5&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&33random=1653251085268.5&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm90OERiODVRUU5WcDBhdW1JdmNtV3hRNkJmSTFmYmY3Z3pKVHNUR3pCUDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm90OERiODVRUU5WcDBhdW1JdmNtV3hRNkJmSTFmYmY3Z3pKVHNUR3pCUDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESELBtK89KA4_-7QBif8DsHbE&google_cver=1
Request Chain 76
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.7 HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=2105641270534&seg_code=33x&random=1653251085 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D2105641270534%26seg_code%3D33x%26random%3D1653251085
Request Chain 79
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 80
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 81
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 83
  • https://network-n-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=network-n-com&upapi=true
Request Chain 110
  • https://um.simpli.fi/lj_match?r=68094 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=598588BF699A41FFBCD52BD1BAC4F1E6
Request Chain 111
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8 HTTP 303
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_li_chk=true&previous_uuid=ed571540fca24ca9b474f9712d091f43 HTTP 303
  • https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8
Request Chain 112
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=Er1IbSZHL47ybBDGSQuh-qUU HTTP 303
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=Er1IbSZHL47ybBDGSQuh-qUU&_li_chk=true&previous_uuid=bf65d63700904d62b6b83c6d7ab2ec33 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Request Chain 113
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=87650 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=87650&_expected_cookie=6b09ca46c738626abd3a92773d5eb822 HTTP 302
  • https://ce.lijit.com/merge?pid=5014&3pid=6b09ca46c738626abd3a92773d5eb822
Request Chain 116
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dl-file.com&sn=ChromeSyncframe&so=0&topUrl=dl-file.com&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LQUFz3wzYy96Z0FBbEh6RTFLaUZkUk5qZmZRZHY3SVI2TUFlSmg0YmtIa1BkVkE2VXQ1azJZSEtySzk1LzBSRXNUNzFaVW5oNGNrRnE3blNlSWc1Z0hDdm9LSG9QeWp5N2NXWi9vSVVZSGFWWG93T0MrNHIwL20rNlBSODV4NDVERVZKKzlXbG15SnhMQTVUcmZEMk1xL093S2dON1JMWkhSdDcyd3RVWjUrRWVQd3NuamtZd29GVUU1d1NDY2dXSXNqaFpLVlYwLzZHRVhzRzFNYXBxNEl1c0tuRG9nelNUdFhtVENsN2loVHMxMUltMTBiOTYrYjhkMlY3bG9wdHpEY0djWkd1KzVMcDQvZTViYUxoc2JMM0FXZz09fA&cppv=2
Request Chain 139
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 140
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=666f36a08e6fa27eb148bf1955312025
Request Chain 141
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2aHOcoSmQz0uya1xpG5v9sCW4tmQtgDOnk5A_7H2M7PA&gdpr=0&gdpr_consent=
Request Chain 142
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3627391049667706902 HTTP 307
  • https://ml314.com/csync.ashx?fp=542a2764f280f9188469900de0365b93256288284fabad7eda2ac14b6f64f926f4cb09cee1a4f8eb&person_id=3627391049667706902&eid=50082
Request Chain 143
  • https://tags.bluekai.com/site/59574?id=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=yrEEBXZe99Yf5%2Foi&BK_SWAP_DEST=5957
Request Chain 146
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=304_1653251086207&fbp=2503514557&cttl=43200000&rrtt=0&dud=0&abtg=A&ref=dl-file.com HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=304_1653251086207&fbp=2503514557&cttl=43200000&rrtt=0&dud=0&abtg=A&ref=dl-file.com&ckls=true&ci=osN6k4D2kJ&nc=false&trid=-196271344
Request Chain 150
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Request Chain 157
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=38d21844-da0d-11ec-8eb3-1d3b083c0303 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=94&advUuid=38d217dd-da0d-11ec-8eb3-1d3b083c0303
Request Chain 158
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=98&advUuid=e011f362-90df-49ea-a95d-53df5909a4d9
Request Chain 172
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=aa24cbad3edd9d07de7536ed62dcb932&expires=30&ssp=sekindo&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3D883106e7-cc3d-4349-8ca2-eb9e0f1b0f05%26csh%3D&advId=24830&advUuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&csh= HTTP 302
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D1723987475%3B1267919208%26rnd%3D-1333688244%26pcid%3D%24UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=1723987475;1267919208&rnd=-1333688244&pcid=g446a9ba13a782515297 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/datonics/usersync?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D685030305%26mi%3D10%26csh%3D1723987475%3B1267919208%3B1868283820%26rnd%3D27796196%26pcid%3D{userId} HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=685030305&mi=10&csh=1723987475;1267919208;1868283820&rnd=27796196&pcid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D1723987475%3B1267919208%3B1868283820%3B685030305%26rnd%3D-789867183%26pcid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1723987475;1267919208;1868283820;685030305&rnd=-789867183&pcid=[sas_uid]&cklb=1
Request Chain 173
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=93&advUuid=992a8306-d580-49c1-ba88-3cbada04cc2b
Request Chain 174
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=99&advUuid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Request Chain 175
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D381419749697304055279&advId=121&advUuid=381419749697304055279 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=381419749697304055279 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-205220064%26pcid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-205220064%26pcid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUxMzU5QUItODM4Qy00OTczLUIxNjctODM2Q0Q0OUZBRUQw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=259151345&rnd=-205220064&pcid=0E1359AB-838C-4973-B167-836CD49FAED0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D259151345%3B1402230080%26rnd%3D-546226825&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=259151345;1402230080&rnd=-546226825&pcid=6542586661939034833 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%26rnd%3D124252019%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=259151345;1402230080;1709765917&rnd=124252019&pcid=e011f362-90df-49ea-a95d-53df5909a4d9 HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=osN6k4D2kJ&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-776831740%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=259151345;1402230080;1709765917;1486637409&rnd=-776831740&pcid=Er1IbSZHEQFzpIZfRt6_Z4U8 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D-1750654349%26pcid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182&rnd=-1750654349&pcid=38d217dd-da0d-11ec-8eb3-1d3b083c0303 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D1898466470%26pcid=[MM_UUID] HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182;1072441116&rnd=1898466470&pcid=afb5628a-9c0e-4600-94cb-309c0e1eca58 HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1190626119%26pcid%3D%5BRX_UUID%5D
Request Chain 176
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=L3HR0EPW-1N-ILOC&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1725065545%26pcid%3DL3HR0EPW-1N-ILOC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=L3HR0EPW-1N-ILOC HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=osN6k4D2kJ&expires=1825&rnd=1440516198
Request Chain 178
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=105&advUuid=6542586661939034833
Request Chain 179
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D+584182936%26pcid%3D53a3185e737c4fb7ab973d665b5feed4&advId=126&advUuid=53a3185e737c4fb7ab973d665b5feed4 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=%20584182936&pcid=53a3185e737c4fb7ab973d665b5feed4
Request Chain 180
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=628a9c0de2bb2&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D2962526861455797000V10&advId=127&advUuid=2962526861455797000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=2962526861455797000V10 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D521485151%26pcid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D521485151%26pcid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA4N0FDQTgtNTg1Ny00RjUyLUIyOTUtMURCQjEyNjdCQjhB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=259151345&rnd=-205220064&pcid=0E1359AB-838C-4973-B167-836CD49FAED0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D259151345%3B1402230080%26rnd%3D-1767625279&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=259151345;1402230080&rnd=-1767625279&pcid=6542586661939034833 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%26rnd%3D-366992590%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=259151345;1402230080;1709765917&rnd=-366992590&pcid=e011f362-90df-49ea-a95d-53df5909a4d9 HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=osN6k4D2kJ&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%26rnd%3D685318290%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=259151345;1402230080;1709765917;1486637409&rnd=685318290&pcid=Er1IbSZHEQFzpIZfRt6_Z4U8 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D519425269%26pcid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182&rnd=519425269&pcid=38d217dd-da0d-11ec-8eb3-1d3b083c0303 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D1364401370%26pcid=[MM_UUID] HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182;1072441116&rnd=1364401370&pcid=afb5628a-9c0e-4600-94cb-309c0e1eca58 HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D409511336%26pcid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?zcc=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D409511336%26pcid%3D%5BRX_UUID%5D&cb=1653251088893
Request Chain 185
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e7d976ba-c653-41a4-983d-9d0c2b298e72/gdpr=0/gdpr_consent=
Request Chain 188
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D41c84834-87df-4e67-95cb-1060735f6550 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6542586661939034833&pt=41c84834-87df-4e67-95cb-1060735f6550%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D41c84834-87df-4e67-95cb-1060735f6550 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=41c84834-87df-4e67-95cb-1060735f6550
Request Chain 190
  • https://px.surveywall-api.survata.com/t HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=a6f51a11-a94a-6492-c927-768e63be88f8
Request Chain 191
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87599100878721057212117953507650655141/gdpr=0
Request Chain 195
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816
Request Chain 196
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213690604159013372131&gdpr=0&gdpr_consent=
Request Chain 198
  • https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-989b7e35b2ac3e85bb0e16f979d93d2f
Request Chain 199
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D363%26tp%3DADGR%26tpid%3D__AG_UID__%26gdpr%3D0 HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D363%26tp%3DADGR%26tpid%3D__AG_UID__%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=363&tp=ADGR&tpid=38f5cf0e-da0d-11ec-a242-f3edface7b2c&gdpr=0
Request Chain 200
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=afb5628a-9c0e-4600-94cb-309c0e1eca58&src=lot&gdpr=0
Request Chain 201
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341/gdpr=0
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YoqcDgADRCjODwAj HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YoqcDgADRCjODwAj/gdpr=0&_test=YoqcDgADRCjODwAj
Request Chain 205
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/320ccd6ee26dd0ed1d01c6b9194fb816/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2740194895956978880/gdpr=0
Request Chain 206
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=607378696 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6542586661939034833/gdpr=0/rand=607378696
Request Chain 209
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6542586661939034833
Request Chain 224
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHsAAWKKnA0AAAAIEr7SAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.943.23339%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=11713618 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 226
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Request Chain 227
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Request Chain 228
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
Request Chain 229
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
Request Chain 230
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
Request Chain 231
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUYVS4ZUJBXUOZ3TIJEHMRCYNMYDK4BNMM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUYVS4ZUJBXUOZ3TIJEHMRCYNMYDK4BNMM HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=1Ys4HoGgsBHvDXk05p-c
Request Chain 234
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Request Chain 240
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381419749697304055279
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJWT2eu5dnqK_FWfXIBmMA8&google_cver=1
Request Chain 243
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
Request Chain 245
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&expiration=1655843086&gdpr=0&gdpr_consent=
Request Chain 246
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2740194895956978880
Request Chain 247
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=671066848977
Request Chain 248
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=38f5cf0e-da0d-11ec-a242-f3edface7b2c
Request Chain 253
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cARoN1Zi0F9JT8Xj9Aen&pi=admatic&tc=1
Request Chain 256
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 258
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6542586661939034833
Request Chain 259
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=257778268428343628&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Request Chain 260
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&obuid=ENC(wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&ssp=outbrain&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593732964967993940&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Doutbrain%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=41c84834-87df-4e67-95cb-1060735f6550&ssp=outbrain&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213690604159013372131&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964967993940&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 261
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e089b1a2-f48c-494f-8a43-d5117d11e68a
Request Chain 262
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189
Request Chain 263
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-EsF7E1BE2pf_h.ff6tYI7Nx2dfc6rtfKufft~A
Request Chain 264
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=3941db53-da0d-11ec-9787-fd5140d466c9
Request Chain 265
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=AABB9ADACF7E4362BF7ABA6AC7CFC581
Request Chain 267
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKZOM2EQ32HM5ZUESDWIRMGWMBVOAWWG&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKZOM2EQ32HM5ZUESDWIRMGWMBVOAWWG HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1Ys4HoGgsBHvDXk05p-c
Request Chain 268
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e2706e76-314b-4c21-be50-680abe016322
Request Chain 269
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1653251087407 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 270
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=FTsOektZjWnj&ev=1&pid=558355
Request Chain 271
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7226180436008749240
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bDFiaGxCVGxMSjZ1bVhuWGp0Q3h2QQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOgP7WaMhQr0uGItTeT4bN0&google_cver=1
Request Chain 274
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=79a49aec380b121a&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGbf7Vmj-2pAMswu6BAAAAAAA&expiration=1653337487&nuid=&is_secure=true
Request Chain 275
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Daf2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253Daf2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3Daf2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr_in_effect=0&gdpr_consent=
Request Chain 278
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=70d87672-d46b-46ef-a42e-6a527caea7db&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 279
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 280
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 281
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YoqcDgADRCjODwAj
Request Chain 283
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Request Chain 284
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent= HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAC6uk7FFTgAACrN1omqBg&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=e7d976ba-c653-41a4-983d-9d0c2b298e72
Request Chain 286
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=hGUazrWaT_Zaxy0IAWSSGJU4mb0
Request Chain 287
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=FTsOektZjWnj&ev=1&pn_id=pp&pid=561118
Request Chain 288
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Request Chain 289
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YoqcDgADRCjODwAj&gdpr=0&gdpr_consent=
Request Chain 292
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=e7d976ba-c653-41a4-983d-9d0c2b298e72&t=1655843087
Request Chain 293
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6542586661939034833&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6542586661939034833brt77451653251087190954b2
Request Chain 294
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YoqcD8Co8XgAADv0D44AAAAA
Request Chain 295
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=cARoN1Zi0F9JT8Xj9Aen&pi=gumgum&tc=1
Request Chain 296
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 307
  • https://ih.adscale.de/uu?cbfn=receive&t=1653251087 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1653251087&nut&uu=5e6f3911535f43f0861f27ff82c9607d
Request Chain 308
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
Request Chain 309
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
Request Chain 310
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
Request Chain 311
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Request Chain 312
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJRLFZTISDPI5TXGQSIOZCFQ2ZQGVYC2YY HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJRLFZTISDPI5TXGQSIOZCFQ2ZQGVYC2YY HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=1Ys4HoGgsBHvDXk05p-c
Request Chain 319
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Request Chain 320
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 326
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Request Chain 327
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 328
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Request Chain 329
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6542586661939034833
Request Chain 331
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6542586661939034833
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Request Chain 333
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC6uk7FFTgAACrN1omqBg&expiration=1654460687
Request Chain 334
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=09a5d017-5eaf-4f20-8c99-f6f092fcae3d&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 335
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=70d87672-d46b-46ef-a42e-6a527caea7db
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Request Chain 340
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Request Chain 341
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=50aae929-4949-402d-be95-e0a3492c1ff4&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 342
  • https://b1sync.zemanta.com/usersync/yieldmo?&cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHUYVS4ZUJBXUOZ3TIJEHMRCYNMYDK4BNMM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHUYVS4ZUJBXUOZ3TIJEHMRCYNMYDK4BNMM HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=1Ys4HoGgsBHvDXk05p-c
Request Chain 362
  • https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=3019014028&c3=N349404.134426GOOGLEDISPLAYNETWO-335547989-170824783&creative=170824783&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?}~ HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_pre=CLCQ4J748_cCFd6Pswodh2kMKA;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 368
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=L3HR0EPW-1N-ILOC HTTP 302
  • https://mp.4dex.io/setuid?bidder=rubicon&uid=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined
Request Chain 370
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDb8PbwdhCQAxiQAzIIOcJediJBM0Q HTTP 301
  • https://tpc.googlesyndication.com/simgad/14844484113327869233
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL5aYXhBao3ENd_zlgtrhxs&google_cver=1
Request Chain 388
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HR0EPW-1N-ILOC&gdpr=0
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TqXCD5RRSROwi3cRWl45JQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TqXCD5RRSROwi3cRWl45JQ&gdpr=0
Request Chain 390
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIUjBFUFctMU4tSUxPQw==&gdpr=0
Request Chain 392
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3HR0EPW-1N-ILOC&sigv=1&esig=2~47f43636bab3711ad981f94c336ac705c919edfe&gdpr=0
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Mzg5MTI5YzIwYjJkZDc0YmIyMjMyOWU3MWRhYTQ4MzdiNGVmM2NkZA&gdpr=0
Request Chain 394
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L3HR0EPW-1N-ILOC&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 395
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1&gdpr=0
Request Chain 401
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAKET96YFvAGFRZp8MzIMLc&google_cver=1
Request Chain 403
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0MjU4NjY2MTkzOTAzNDgzMw%3D%3D
Request Chain 409
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9af8fd9778abb37615ecf8cae54ca25&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=h8021_7100659355036967084&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e7d976ba-c653-41a4-983d-9d0c2b298e72 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWFmOGZkOTc3OGFiYjM3NjE1ZWNmOGNhZTU0Y2EyNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIYZAPEgPXgf304o6EYYzes&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAC6uk7FFTgAACrN1omqBg&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9af8fd9778abb37615ecf8cae54ca25?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bUcPrg9E2oMMDuQnlXpgRv2cARdAzhPBPr95Nb5v~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=xaBBc4a91NSS895 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=38f5cf0e-da0d-11ec-a242-f3edface7b2c HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6542586661939034833 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6795743&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=3941db53-da0d-11ec-9787-fd5140d466c9 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e7d976ba-c653-41a4-983d-9d0c2b298e72&dongle=0cfd
Request Chain 416
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK1CeBm196VWcWYv8S8TH9Q&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 418
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5
Request Chain 419
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=381419749697304055279&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=381419749697304055279&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5c9075e3-9435-48cf-b048-2b3e8c7caa32&_noobservation=1
Request Chain 420
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/381419749697304055279?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CHp_CjpE2oTYB4Bf_5GCoMJhrGkgYuOX_pDsgRkkkg--~A&dongle=0883
Request Chain 421
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=381419749697304055279&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=8b35b8aa-cd3d-4f1d-aaba-83971892ec1a HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 423
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD&gdpr=0
Request Chain 425
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=e2706e76-314b-4c21-be50-680abe016322
Request Chain 434
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Drkt%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2962526861455797000V10&type=rkt&refUrl=&vid=32510886792962526861455797000V10&ovsid=979321824873700273
Request Chain 435
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dcon%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=178751f958e41219&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dcon%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=con&refUrl=&vid=32510886792962526861455797000V10&ovsid=AAAGbrS7t6OYsAMJe66fAAAAAAA&expiration=1653337488&is_secure=true
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dmma%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=mma&refUrl=&vid=32510886792962526861455797000V10&ovsid=afb5628a-9c0e-4600-94cb-309c0e1eca58
Request Chain 437
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dr1%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dr1%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D%5BRX_UUID%5D&cb=1653251088712 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=r1&refUrl=&vid=32510886792962526861455797000V10&ovsid=OPTOUT
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjk2MjUyNjg2MTQ1NTc5NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKW90RnYL4DmsO2Qf8bdYK4&google_cver=1
Request Chain 439
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D32510886792962526861455797000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=dxu&refUrl=&vid=32510886792962526861455797000V10&ovsid=xaBBc4a91NSS895
Request Chain 440
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=af93f6ef-f16d-4099-b899-77901b9bf8e0
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7b5763f-103c-4a05-bf76-bce22d4435aa&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 442
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2962526861455797000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=50aae929-4949-402d-be95-e0a3492c1ff4&cs=1
Request Chain 444
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d976ba-c653-41a4-983d-9d0c2b298e72
Request Chain 445
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2962526861455797000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2962526861455797000V10
Request Chain 447
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 448
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBeYvrtoSU-DmNKELqV9hDQ&google_cver=1&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFzyGLcYjRBpZMDgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFzyGLcYjRBpZMDgM&google_hm=MVlzNEhvR2dzQkh2RFhrMDVwLWM=
Request Chain 449
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINmC5xM1VzLiou_dhjUgvo&google_cver=1&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSzGPh6Sttvsgo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSzGPh6Sttvsgo&google_hm=Er1IbSZHEQFzpIZfRt6_Z4U8
Request Chain 450
  • https://match.360yield.com/match/ebda?google_gid=CAESELlxEqJfV0_s34HNhsXTzuM&google_cver=1&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EPpydIrKGaErWMS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4nBudjFLTCG-UGgKvgFjIg&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EPpydIrKGaErWMS
Request Chain 451
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKhtPGdo_4fXMe8KKbeaj48&google_cver=1&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR6vwb8pBaazRJ2bh3k0YRzLqcTva9GXdj74UX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR6vwb8pBaazRJ2bh3k0YRzLqcTva9GXdj74UX
Request Chain 452
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPxcsNQ6qUdcLUxH_3WGJIQ&google_cver=1&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk&google_hm=fd455e01d938155cd91fe446f4360585
Request Chain 453
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEPh2b1eK0IxEw9nFPDeJX9o&google_cver=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1zeHapORzD_gcgRoEYS8qErpxTnBpESFgb61mH5u8lCcI6R-UA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=UKrpKUlJQC2-leCjSSwf9A==&no_redirect=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1zeHapORzD_gcgRoEYS8qErpxTnBpESFgb61mH5u8lCcI6R-UA
Request Chain 465
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5e6f3911535f43f0861f27ff82c9607d&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=101&tpuid=BBID-01-03279650892869371-16609464
Request Chain 467
  • https://redirector.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/3542FB5FC3BE8E7BA80EBA0E15A3750C025BC335.044169E14E5E5C8956AE2C35CE938A662A8998B6/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-apaapm4g-apae.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/62FC6814B50942E07849CD772B607DFC63F5931B.65E80351CFC20311593A73BEE4B15123F2CCE186/key/cms1/cms_redirect/yes/mh/TF/mip/2607:5300:60:7867::14/mm/28/mn/sn-apaapm4g-apae/ms/nvh/mt/1653250124/mv/u/mvi/1/pl/32/file/file.mp4
Request Chain 470
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Request Chain 472
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdl-file.com%2F&domain=dl-file.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=1aAa8nxkRmJlVjlMRnA2bjBwRUcxU3QyYnlkb3k2TmI1dkxzVk9OaHJoNERIMnNoSzY0QzYvZzJuVlJlYjRCSzNMckNJM1puWWg0MkE5T1BpZnNISTY5bE02bjNsZkZreEc0MEFHYVVaTU9ZcjRyMFpyVzZCQXRWbTA0MHFNOEJ4TncxempMa1J1OXA5c3R4eC9NY25UNjBJNVpIOHJTNmtwWWZWUTRCZ1BYU1pYV2N5aFlVZXBLNk5YbUc0YUx1cXVEeVZ6Q004Uyt6UWhJclQ2RFUzK2lVMHFTUDlFYkhUVm5sZUxnR29OUUE5UldHWnhoUjZiVUJkdHo4UGx5RzVvNzVZSHFRcUFnd2c1QnF4L1hoUTVldTZPUT09fA&cppv=2
Request Chain 478
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Request Chain 479
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=40ee1c490fffb4aa652bd183ea24e620e7d875a827e3e010f11b44e042d8ccbf&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Request Chain 482
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAC6uk7FFTgAACrN1omqBg&dongle=bzwx
Request Chain 483
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189&dongle=4430
Request Chain 485
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6542586661939034833&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 486
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 487
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=3941db53-da0d-11ec-9787-fd5140d466c9&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 488
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2740194895956978880&dongle=d407
Request Chain 489
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YoqcDgADRCjODwAj&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 490
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=50aae929-4949-402d-be95-e0a3492c1ff4&dongle=31ac
Request Chain 503
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=7d6cbdb6b62e36e844bcc7d0cb56ea6881b7d4324d50c3c1165f01825ef18a6a&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Request Chain 508
  • https://track.adform.net/serving/cookie/match/?party=9&uid=0bc6ff3c6675c9d84ab49e43a37180e72fe1de0058abb2be2d8fb3703bd5d776&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=42&gdpr=0&tpuid=257778268428343628
Request Chain 509
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=b7940317fb12fd3f63d6262bc214eee31504a4e4fc18714d6f77ca125975c04f&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=af93f6ef-f16d-4099-b899-77901b9bf8e0&gdpr=0
Request Chain 510
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=10ddedfcdc15101169fa819a6d33808f73b194f63f8f63fc66a4f22557af109e&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&gdpr=0&tpuid=CAESEBLz9tiJmWrfXgir8vu5aS8&google_cver=1
Request Chain 514
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=ed70a22222759df36cfdc10230f640b85a4285b742a3d6edb7eaa4e134f2e855&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=ed70a22222759df36cfdc10230f640b85a4285b742a3d6edb7eaa4e134f2e855&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/js?tpid=48&tpuid=010993b64b2117f90b442d53523469f5
Request Chain 520
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Request Chain 522
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 523
  • https://ssc-cms.33across.com/ps/?_=1653251091502.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=2105641270534
Request Chain 524
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a94216a6-1ccb-538e-987b-cc1dfaf1500e&ssp=the33across&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Request Chain 525
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1653251091502.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Request Chain 526
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg%7EA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 527
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=d60785771c1121c&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGbw-uxmTMRwNaOgVJAAAAAAA&expiration=1653337491&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGbw-uxmTMRwNaOgVJAAAAAAA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 528
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1655843091%26external_user_id%3De7d976ba-c653-41a4-983d-9d0c2b298e72 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1655843091&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72
Request Chain 531
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=L3HR0EPW-1N-ILOC HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3HR0EPW-1N-ILOC&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 537
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=480adcd8-cfaa-4339-b3a0-ff999f424de2&gdpr_consent=null&gdpr=0
Request Chain 539
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=1Ys4HoGgsBHvDXk05p-c
Request Chain 540
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1653251092529 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Request Chain 551
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=5ce8dca1-f37b-4774-91f6-cad51b77f2f5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adagio&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&google_hm=ODgzMTA2ZTctY2MzZC00MzQ5LThjYTItZWI5ZTBmMWIwZjA1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMIpmmWjbftW2o-bzGBuyeo&google_cver=1&ssp=adagio&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05 HTTP 302
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&us_privacy=

553 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Banks_2012_Chevy131217.rar.html
dl-file.com/g6zkpczghqdr/
Redirect Chain
  • http://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
  • https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
0206c8e52782162dac5c192d01296a82c0aa40e89e26bc729417001ee03c44af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html ; charset=UTF-8
Date
Sun, 22 May 2022 20:24:44 GMT
Expires
Sat, 21 May 2022 20:24:44 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
272
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 22 May 2022 20:24:44 GMT
Keep-Alive
timeout=5, max=100
Location
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Server
Apache
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75596034-1
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93911c14835c32c6c4a2a205ddf68a3db2b14d30b4efd4c65b946d5f38875626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39162
x-xss-protection
0
last-modified
Sun, 22 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 May 2022 20:24:44 GMT
NewTheme.css
dl-file.com/css/ 		74 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/css/NewTheme.css
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
4acf4136b03b7954122a580eae0f47a316d9c7100dfbd764ef23b4bcdbfce6f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Oct 2021 12:13:20 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
75981
ETag
"128cd-5cf406744f388"
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
2541679
cdn-cachedat
2021-03-10 13:26:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9de03c320bd826dd854266be13ad082b
cf-ray
70f846ee1de6ece2-YUL
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Sun, 22 May 2022 20:24:44 GMT
jquery-1.9.1.min.js
dl-file.com/js/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/js/jquery-1.9.1.min.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2015 06:04:12 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
92629
ETag
"169d5-5176e98442f00"
jquery.paging.js
dl-file.com/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/js/jquery.paging.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2015 06:04:12 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19365
ETag
"4ba5-5176e98442f00"
jquery.ui.js
dl-file.com/js/ 		398 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/js/jquery.ui.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache / PHP/5.4.16
Resource Hash
a6c748745997e83f17b90756869af2a20cf156acf538f1681a8f93a26edaa94c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:44 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/5.4.16
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Security-Policy
frame-ancestors 'none';
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
398
jquery.cookie.js
dl-file.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/js/jquery.cookie.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2015 06:04:12 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3121
ETag
"c31-5176e98442f00"
paging.js
dl-file.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/js/paging.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2015 06:04:12 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1709
ETag
"6ad-5176e98442f00"
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 20:24:44 GMT
ico_noads.png
dl-file.com/images-NewTheme/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_noads.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
f6bf6d1af4e1926e10a1f8b61a1d0a658a48e7ffe323b13ef50d57438e6f24b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Nov 2017 09:45:41 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2722
ETag
"aa2-55dee400ee2bd"
ico_compressed.png
dl-file.com/images-NewTheme/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_compressed.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
e22a0f3f0c63f4f9e2be0b362a40706b6504d08e370a2769b8293ddbb203b3dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Nov 2017 09:50:34 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2192
ETag
"890-55dee51826a47"
about_hd.png
dl-file.com/images-NewTheme/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/about_hd.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
12d9d71d8c07e3b32e6922a03a1d0c0183f6dee780a3229305f3b0f3c4aea4b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 09:31:03 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7453
ETag
"1d1d-55d4d1cfdb3b0"
ico_fb.png
dl-file.com/images-NewTheme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_fb.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
e26142148dc2365533532cc901d730ee02f79bfffb9da86b20873911281c180f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 08:24:21 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1141
ETag
"475-55d4c2e693909"
ico_tr.png
dl-file.com/images-NewTheme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_tr.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
94024b15f0a587f637a2303205ae361518e1965d6beb190c005e04307783bf19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 08:24:20 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1420
ETag
"58c-55d4c2e5ae129"
ico_yt.png
dl-file.com/images-NewTheme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_yt.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
163aab8fdd4b7cfa854101763984a802120bf13a82d6f841c33ee9cd201f28c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 08:24:21 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1276
ETag
"4fc-55d4c2e6919c9"
ico_in.png
dl-file.com/images-NewTheme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_in.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
d97f3efe68f835117863e4d76fec93f4309fd3c9070b3eee59400d7f145517d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 08:24:19 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1253
ETag
"4e5-55d4c2e4a85a9"
app.js
kumo.network-n.com/dist/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/app.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
025fe09fa93455c5c41393393cce905af3425de2e84143ee14648621ae9cbe86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 16 May 2022 15:30:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62826df8-3f52"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
26170318965602729061e3fb180c2e7c
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:41 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75596034-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6050
date
Sun, 22 May 2022 18:43:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 22 May 2022 20:43:54 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 01:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146184
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 01:55:19 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: dl-file.com
URL: https://dl-file.com/js/jquery.ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:18:51 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
324404086
logo_w.png
dl-file.com/images-NewTheme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/logo_w.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
38eba31327475bf6d3b177561a8a2a5cadfa16ed7efab885684acafdb0bd0bfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 06:50:18 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1407
ETag
"57f-55d4ade1945ca"
logo.png
dl-file.com/images-NewTheme/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/logo.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
e76f2c32ecd923b05ca6b92d18ebdd280a0d761c2dd5a386d327ba747c5b4ba1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Nov 2018 11:14:44 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1095003
ETag
"10b55b-579e8fe015452"
ico_globe.png
dl-file.com/images-NewTheme/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/ico_globe.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
798adb8860b3dc412e2d789d153f1824e085eef370e05b7531e192a433c06cd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 02:19:51 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
773
ETag
"305-55d4716dbccc6"
flags.png
dl-file.com/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images/flags.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Jun 2015 06:04:10 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
15180
ETag
"3b4c-5176e9825aa80"
Candara.woff
dl-file.com/css/fonts/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/css/fonts/Candara.woff
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
a4fd29aeff5c2151c3e4a2d0edc28885ffd0675a6d3a59e3ca229944e3490c0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/css/NewTheme.css
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Nov 2017 18:01:42 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
94920
ETag
"172c8-55d402162d6b5"
btn_signup.png
dl-file.com/images-NewTheme/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/btn_signup.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
9be599d6cefdb3787be094191b685a027f52e6bf4ef49d04a50310e7b023c0a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 04:28:57 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1928
ETag
"788-55d48e496518c"
btn_login.png
dl-file.com/images-NewTheme/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/btn_login.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
3b92fd57682bb7613f88077272e0020c5f2cdf808b7e6f39e6d5ef765a1d5717
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 04:28:58 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2086
ETag
"826-55d48e4a9c9ec"
about_bk.png
dl-file.com/images-NewTheme/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl-file.com/images-NewTheme/about_bk.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
9d78c0148361a3fcb690e899c0dd3885c79797359301f6829e98ae476b800460
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/css/NewTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 09:23:46 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
180306
ETag
"2c052-55d4d02eb1481"
ERASDEMI.woff
dl-file.com/css/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/css/fonts/ERASDEMI.woff
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
7b748cce237953136fb0e45af806e1d89388aee1c24d9f1ef89a732399a6c2e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/css/NewTheme.css
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2017 09:54:30 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
32140
ETag
"7d8c-55d4d70d5ff40"
Candarab.woff
dl-file.com/css/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/css/fonts/Candarab.woff
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
79ea0fcaad1578acda495df0617d5b4f46de11c0b2dab44f6d20609935385e6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/css/NewTheme.css
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Nov 2017 18:01:45 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
96452
ETag
"178c4-55d402190cc55"
OpenSans-Regular.woff
dl-file.com/css/fonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl-file.com/css/fonts/OpenSans-Regular.woff
Requested by
Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555652.ip-144-217-183.net
Software
Apache /
Resource Hash
d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/css/NewTheme.css
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Nov 2017 15:09:20 GMT
Server
Apache
Date
Sun, 22 May 2022 20:24:44 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
67528
ETag
"107c8-55d8e304af94f"
0.php
s4.histats.com/stats/ 		380 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4533243&@f16&@g1&@h1&@i1&@j1653251084819&@k0&@l1&@mDownload%20Banks%202012%20Chevy131217%20rar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-70314676&@b3:1653251085&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
b90d4a2515dc05572cf9c333aaf8621a2536d02a4a231128be173558224fdc95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:44 GMT
Connection
close
Content-Length
380
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1696956645&t=pageview&_s=1&dl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&ul=en-us&de=UTF-8&dt=Download%20Banks%202012%20Chevy131217%20rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2102699506&gjid=1401037207&cid=1924886024.1653251085&tid=UA-75596034-1&_gid=1702677332.1653251085&_r=1&gtm=2ou5b0&z=2087019822
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dl-file.json
kumo.network-n.com/configs/sites/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/configs/sites/dl-file.json
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
d8cdac2115689218d01716b087218009c31a6f833ba74709f3844a9f92234db6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
content-encoding
br
cdn-edgestorageid
885
access-control-allow-origin
*
cdn-cachedat
05/20/2022 09:01:07
cdn-pullzone
411106
server
BunnyCDN-NY1-885
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Fri, 20 May 2022 08:42:42 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62875482-169e"
vary
Accept-Encoding
content-type
application/json
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cdn-requestid
d28664630c1f281f00c471820a0267d4
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
/
e.dtscout.com/e/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4533243&@f16&@g1&@h1&@i1&@j1653251084819&@k0&@l1&@mDownload%20Banks%202012%20Chevy131217%20rar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-70314676&@b3:1653251085&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f4a34f7908a57b7feaed671d426c88560cb4cbf90dd92c132b241e22ac3454d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:44 GMT
X-T
0.54
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Sun, 22 May 2022 20:24:43 GMT
/
t.dtscout.com/idg/ Frame 8D75 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D001653251084643A347CED243E8EEA
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
449a988c779e714c11e0a3401fa1ca31fcfd1e49de104da8e38f55280c53ed43

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 20:24:44 GMT
Expires
Sun, 22 May 2022 20:24:43 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-128.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
38655
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 22 May 2022 09:40:30 GMT
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
G7mGAZySCbTpQVLB9TiGBbhNpD-kSvbQIjyF1gnXSSFMn4mkIrAa8A==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.121.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-121-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9b4f836087c3ab40bc0738da4152b1a37847d330e0c68a0a3fb5b6d12ad9d26e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:51 GMT
server
cloudflare
age
121845
etag
W/"6129520b-288b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
70f846f13f1f544f-YYZ
expires
Wed, 25 May 2022 20:24:45 GMT
/
t.dtscout.com/pv/ 		51 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=dl-file.com&_ss=7f0sz3vqaj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=1enf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aad209f8b5d8c3f29811d9dba78c0b6490dddbb1976a8fe1f3e65ee27141d053

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:44 GMT
X-T
0.139
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 22 May 2022 20:24:43 GMT
cmp-sourcepoint.js
kumo.network-n.com/dist/1.16.0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/cmp-sourcepoint.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
b2f05e413db43ac91cf1f2c2a4a1d2a86e2c48798ce95a6a8e3a042cf93601c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:46
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-40d1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
72c06fe7d1dfa4b98b41d26864acc7b8
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:46 GMT
blockthrough.js
kumo.network-n.com/dist/1.16.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/blockthrough.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
359c40ccb309e9c171d7bd7848dcbaab24ae5d5b93860b08184b1f1f7e3d2e33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:43
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-84d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
784fa1c0660483416e21922f3b93a578
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:43 GMT
gpt.js
kumo.network-n.com/dist/1.16.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/gpt.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
795abdfaa06e6be7754f7c580a10f5ac5ca69367f2d938cddedc2d3d1d8dba59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:46
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-236c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
e8898058345d151eeaf275d9f757c41f
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:46 GMT
permutive.js
kumo.network-n.com/dist/1.16.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/permutive.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
f33f1cc92dc64313fbe3b07d496cc9b8723b604ff7dda0d006762311ca10d0a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:43
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-11e4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
c4163e17b0b63616553f01fd6d9b6661
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:43 GMT
amazon.js
kumo.network-n.com/dist/1.16.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/amazon.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
1f4369dd5a2bbb30cd55691f438244c3d40304917a103dc74f77509999fdfeea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-c75"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
1205f00c8cecec5b710393584e36c4d1
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
prebid.js
kumo.network-n.com/dist/1.16.0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/prebid.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
7ebe69396562fa734c5e4f88d98e700d57db7547d0515cffa49d8c618c6dec52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:44
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-6239"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
358c30563d703aaf734ab2e79f407137
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:44 GMT
pubstack.js
kumo.network-n.com/dist/1.16.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/pubstack.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
5ff6993311cde91fc9b4a6445f8d5fdbc2ca354b0cc1b31e332c2517cd6d9d8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-2ae2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
4a869bb0439695c8e028b2a81192edc7
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
moat-yield-display.js
kumo.network-n.com/dist/1.16.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/moat-yield-display.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
2b48b2c378909e72327131bf4ebe436a73011919d1e78e9f372671341e79c9b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:48
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-bbb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
61f25526007e25034db2ba16654be1c4
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:48 GMT
celtra-bfab.js
kumo.network-n.com/dist/1.16.0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/celtra-bfab.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
00ba161cf011bda82373321ec6bfcf75317574cfb06b5252b97b8177eeeef45e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-21e6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
9dc7265b437c4b7ca6449bfb3d05b8ea
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
gpt-positions.js
kumo.network-n.com/dist/1.16.0/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/gpt-positions.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
00b4e8dfc7a79b40b574bf0c0dff13baac44786c8990b694547231ba09eec899

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-28f8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
e755a15b8cd0d5b33e533b97a7b3575f
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
primis.js
kumo.network-n.com/dist/1.16.0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/primis.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
fdefa5142e49ebc7e268381783d12023a9dba6d7738a8751d1b2421fb5951f9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-21fb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
e0e1b6c5d540f9f5ab330b303b322cc0
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
request-manager.js
kumo.network-n.com/dist/1.16.0/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/request-manager.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
c606ce33a4fba3a5fb33245f20978b63a487aca5a39bfe6d187b7e410fdb87e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:42
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-2de2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
a9878c51cb7751cee1ce5df55c829c45
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:42 GMT
refresh.js
kumo.network-n.com/dist/1.16.0/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/dist/1.16.0/refresh.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
084645bf2a55a68a2e4ed5763cfb6a22272c2f1032c72a29c205287364c9215f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:50:43
cdn-pullzone
411106
cdn-requestpullsuccess
True
server
BunnyCDN-NY1-885
last-modified
Mon, 09 May 2022 10:59:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6278f3fa-4834"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
cdn-requestid
a90e41c1ad0954820f0814b2503642b4
cdn-requestcountrycode
CA
cdn-status
200
expires
Sat, 18 Jun 2022 13:50:43 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-111.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 22 May 2022 08:34:50 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
age
42596
etag
W/"e8e52baa0cf6ccb764f317323674bacd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
0M6gYwMTHkKxVE2ahPFRlscf_jAOmgxIW5AeLt-FyselQCvsQ9Pz9g==
/
t.dtscdn.com/widget/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D001653251084643A347CED243E8EEA&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:05:22 GMT
X-T
0.82
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Sun, 22 May 2022 20:05:21 GMT
e
a.dtssrv.com/ 		21 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/e?i=6D001653251084643A347CED243E8EEA
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f956a7c144c330c7fc8e78bc004689eb54e65461f4dd476114063bfa272d2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELbG3WfE28Ef8LW4%2FwEAlCalcs5DqMlV5OclycHlkIqQAXB1W%2FHJ7yFLGMu9Cb8ODaBqzEhQr0%2BZUDNF9HdB9FVF8FME%2FwCLQwIPnNJykGyahOSDsa%2BwG9hfNjCMWKRgKLXckUYie1QYenI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dl-file.com
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
70f846f189f74bd6-YUL
expires
Sun, 22 May 2022 22:24:45 GMT
27675
tags.bluekai.com/site/ 		62 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27675?id=6D001653251084643A347CED243E8EEA&ret=html&phint=__bk_t%3DDownload%20Banks%202012%20Chevy131217%20rar&phint=__bk_k%3Dbanks%2C%202012%2C%20chevy131217%2C%20rar&phint=__bk_l%3Dhttps%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&r=76174306
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:45 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
44f8
Expires
Thu, 01 Dec 1994 16:00:00 GMT
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001653251084643A347CED243E8EEA
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=234e86bdb3e0c5dd
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=234e86bdb3e0c5dd
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=234e86bdb3e0c5dd
content-length
0
/
onetag-geo.s-onetag.com/ 		535 B
949 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-110.jfk51.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 00:20:19 GMT
via
1.1 39174a6a452e175e6e614ff396a4ca4e.cloudfront.net (CloudFront), 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
age
72266
x-amzn-requestid
5d516165-a8ac-49fd-8356-6f828b1a43fe
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
IAD79-C1, JFK51-C1
x-amz-apigw-id
SgE2oESoCYcFzUA=
content-length
535
x-amz-cf-id
6ixvX_ldMISEVrGnOX5gswNsdWbURr57tynmn4sArMpPdJIgoRhmHQ==
p
ic.tynt.com/b/ 		35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1653251085022&dn=AFWU&iso=0&t=Download%20Banks%202012%20Chevy131217%20rar
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
server
nginx/1.16.1
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
3233f31f98423137c29af23d3a9a5c8ec05595559cc3493008fdf74e60f483a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28581
x-xss-protection
0
server
sffe
etag
"1223 / 179 of 1000 / last-modified: 1653084277"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 20:24:45 GMT
/
geoip.network-n.com/ 		846 B
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.network-n.com/
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.125.55 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
87ecd71b4f1d95b1919efeb8fe5877ce661393f757f7df7560a2af9727f42203

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
moatheader.js
z.moatads.com/networknheader13924283968/ 		235 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/networknheader13924283968/moatheader.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2dee09306e81a201670aede62dc935ba87bd1e6fc34e452a743c853426cb3b77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2022 16:30:39 GMT
server
AmazonS3
x-amz-request-id
S10XSSKVHJDXBH5R
etag
"a6b233c6d632d20bf69a41db5b58b6ab"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=26613
accept-ranges
bytes
content-length
82508
x-amz-id-2
CrsA5fQ+giN5/Nz82lbvoxYNN3u6JtHa/+bYErlrXCdpUow4eh9byM0Oh97HGYOxfcPcqpegaEA=
pubads_impl_2022051701.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 01:42:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127273
x-xss-protection
0
last-modified
Tue, 17 May 2022 08:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 May 2023 01:42:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dl-file.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
fa7ff52fc5d97b31c4b2859268baa04364d859e17fe24a3e4b58ba865840e6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Sun, 22 May 2022 20:24:45 GMT
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
2fcc12280ed25e886e65c558b07b8435c7037ac5d1fc93be4b79248b48144301

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:44 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
1416
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
mb.moatads.com/yi/ 		302 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&pcode=networknheader13924283968&rx=824307630497&callback=MoatNadoAllJsonpRequest_83218197
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.54.152 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-54-152.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
f13d870ac86bef971aca986461d25163d26319d4ff2d1f69b99dd3a27aaddfbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"9ee5c6b7033b8f52f2c73378d3a96fd9819ac404"
content-length
302
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 9360 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1832
content-length
1374
content-type
text/html
date
Sun, 22 May 2022 20:24:45 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
1q3rKRyZ87lqjhiC2758zMCEpqXKcQPt00zicnf5cLdjSrgHqPVMcpDlU6xJceA0z/YIZgGmSJw=
x-amz-request-id
A813099146F960C0
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-100.jfk51.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:55:10 GMT
content-encoding
gzip
server
restify
age
5375
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
42faOPJCr_aVefI1ufE-omiL__dXWllUSOct5ieHSBXX3hy_x2ew8g==
via
1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
27519
tags.bluekai.com/site/ Frame 8F3E
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1653251085268.4
  • https://tags.bluekai.com/site/27519?id=119145340192793&ret=html&random=1653251085
71 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=119145340192793&ret=html&random=1653251085
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

BK-Server
3cf3
Connection
keep-alive
Content-Length
71
Content-Type
text/html
Date
Sun, 22 May 2022 20:24:45 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 22 May 2022 20:24:45 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=119145340192793&ret=html&random=1653251085
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP004
x-33x-status
400000000040080C
1208351848795471557
map.go.affec.tv/map/an/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&ts=1653251085268.1
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D628a9c0dd6bfb40001b82881%26chc%3Dtt%26floc%3D%26redirect_url%3D
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D628a9c0dd6bfb40001b82881%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D
  • https://map.go.affec.tv/map/an/1208351848795471557?ch=628a9c0dd6bfb40001b82881&chc=tt&floc=&redirect_url=
0
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/1208351848795471557?ch=628a9c0dd6bfb40001b82881&chc=tt&floc=&redirect_url=
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Server
13.225.223.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-118.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-encoding
gzip
x-amz-cf-id
Ab-7iANaIUFNCSB9V7vRnsGBySsdacw-D6rX7UwxqxRdO6yhLoAIPg==
vary
Accept-Encoding
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:45 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ebdfd7de-2d59-460c-a057-10abe71133e7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/1208351848795471557?ch=628a9c0dd6bfb40001b82881&chc=tt&floc=&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&ttd_puid=41c84834-87df-4e67-95cb-1060735f6550%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Server
52.0.204.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-204-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=61 t=1653251085
x-served-by
beacon-n031-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Sun, 22 May 2022 20:24:45 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&random=1653251085268.3
  • https://idsync.rlcdn.com/405716.gif?partner_uid=2105641270506
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=2105641270506
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=2105641270506
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&33random=1653251085268.5&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&33random=1653251085268.5&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm90OERiODVRUU5WcDBhdW1JdmNtV3hRNkJmSTFmYmY3Z3pKVHNUR3pCUDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm90OERiODVRUU5WcDBhdW1JdmNtV3hRNkJmSTFmYmY3Z3pKVHNUR3pCUDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESELBtK89KA4_-7QBif8DsHbE&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESELBtK89KA4_-7QBif8DsHbE&google_cver=1
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESELBtK89KA4_-7QBif8DsHbE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z.png
spl.zeotap.com/ 		0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=Entertainment&zcluid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&ziid=1653251085268.6
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
70f846f36a094bbf-YUL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKS2KKnA0CWX01BXF4Ag%3D%3D&us_privacy=&random=1653251085268.7
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=2105641270534&seg_code=33x&random=1653251085
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D2105641270534%26seg_code%3D33x%26random%3D1653251085
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D2105641270534%26seg_code%3D33x%26random%3D1653251085
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:45 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
54bf5c7a-cef4-430c-a431-d11f16e8b084
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:45 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c738035-9913-4e79-aa0b-3a9c34df2c68
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D2105641270534%26seg_code%3D33x%26random%3D1653251085
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid.php
kumo.network-n.com/ 		258 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
cf5ae42b62b57bd4a50cb838819b2683f97941d1ff860491cb0034197999565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
05/19/2022 13:52:35
cdn-pullzone
411106
x-xss-protection
1; mode=block
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control
public, max-age=2592000
x-server
1
cdn-requestid
2094212ac752d110bffaa5a61e2dfc7a
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-74.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ca21b494fb1e69720637559a9be4bf0ed7e1434dfc9528aaee546ca5c86e90c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
VHU2TOxqu0QTs9pOxWnlbUyW9ynDjEHr
content-encoding
gzip
last-modified
Fri, 06 May 2022 20:10:22 GMT
server
AmazonS3
age
3174
etag
W/"e32bffc58516b2567ccca2ff66a059b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Sun, 22 May 2022 19:31:52 GMT
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
MkRXc5aSUvx-VccGvnnlQ1Sjq4C3ZHUBJzZa9WmYQ-j7YeXnQ4wUFQ==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
23.92.190.69 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
3ea38cfe8892707732a292575f0eae7610b434f092b2c6ca4708fdc744597e9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 22 May 2022 20:24:45 GMT
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
23.92.190.69 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
97028af218975c9de3b856a41de324d945c61250dc01c70be4770581c896538a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 22 May 2022 20:24:45 GMT
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Server
23.92.190.69 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
4a39427cf154fd60d9830eb9e918987ce94c2ec47d36a2fd17d1fef0c15a7f98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 22 May 2022 20:24:45 GMT
Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/cmp-sourcepoint.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-43.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7f27b89f7a51196dad504382c738ec556d5c451fd87555662899e0986e0a242

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:44:32 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 18:12:04 GMT
server
AmazonS3
age
2413
etag
W/"2d76dd43fc8818bc6642cf471bbfa54c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
wke4Y71xwITMpfe_tCY9PtuZDnEjryns916m4v5FyxcHhs4IgZTY1w==
tag
btloader.com/
Redirect Chain
  • https://network-n-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=network-n-com&upapi=true
23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=network-n-com&upapi=true
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e353e00f197bf62d89362ebb53464f92a2e2ba7382ae0e0cc04d986128725385

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
855
content-length
7480
last-modified
Sun, 22 May 2022 20:10:19 GMT
server
cloudflare
etag
"92704fde625f5395ecfdc9768787ad4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3CKYYMDh0fw2eTO7BN0zUTcThUD%2B9Ytle9AgOfwmBlV8Xxc3SAi7Jqs7IfNEsyquJsj2Wdaz3Ya%2BV1g%2BfIZQledS2iNGrWnhymggFSsfqbR1VglFgqdNyv8M3wK34Dp8qdcmzJm25dahw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges
bytes
cf-ray
70f846f4f85c714a-YUL

Redirect headers

date
Sun, 22 May 2022 20:24:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwZA%2BuZPOUBgX8A9xMxzMlivebeWeDLSqkZWMy9lxbdi66%2BYY7BqBDg%2FCWxyMGnIOQaVpCClfslI4b%2FcL4YIbQVCgDPeZs22drTgdk0UEQOWAIDEkjYe0JtiMhxVeCOZI8teVgZIqHPLgfskWSquFlf0oazDI%2BlzAXl%2F8pIe"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=network-n-com&upapi=true
cache-control
max-age=3600
cf-ray
70f846f49c5c7150-YUL
expires
Sun, 22 May 2022 21:24:45 GMT
00917082-71e9-498e-8343-00c3df06b798-web.js
00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/ 		866 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b581e99c06657342cedb97ca11f05ab223d0335ead3aae4497f782d1e6c078a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
00917082-71e9-498e-8343-00c3df06b798
age
2947
x-guploader-uploadid
ADPycdvDOnqd7s_Qll2dMwKpj8Z2yhx-7vpPfbIkiVbuBsoaMBp_UbmYjHRxJ1xZPxq-ORGw6dqz2Z6sGLIo1jcHhEMPpA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Wed, 18 May 2022 11:33:47 GMT
server
cloudflare
etag
W/"ea38fcae4b15b8b7e11de6e71e6b1494"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zYVA+Q==, md5=6jj8rksVuLfhHebnHmsUlA==
x-goog-generation
1652873627026852
cache-control
public, max-age=900
x-goog-stored-content-length
243065
cf-ray
70f846f4ae79715a-YUL
expires
Sun, 22 May 2022 20:39:45 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/amazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:08:12 GMT
content-encoding
gzip
age
47793
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0C0FM1BCCM1VN52EXPJP
etag
ae8d955adf98458335c127f4461070c2
vary
Accept-Encoding
x-amz-version-id
At9QZnxQdkeEMjLuJ7ylJ9u23U2amuqG
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
W972pa0_20AhRE_iO9Ts6NzIvgaemaVZuhPzdepdbaPwfLrJRTK4kA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220522
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed5574dadbe3709842d2118b941d9caf67cebe2abe361ca8f00e44a5455952b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19427
x-jsd-version
1.0.1349
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19164-FRA, cache-iad-kiad7000036-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"670-RA4MW9M/KMI4WtFFvVB4k+dqIrU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SorOEl1E44NWnbDsJV7V5EnxFlfwxX67sgfpNKo7nKUML7cPgCo1U2L71IyP6ypUxcV97XgzK1DmJ%2B9IK23yo6sO44xgOCzsMkI4gmiG9Z8RIoT9bOMMgPGrYWvmw8B6kUpFlHdOO4YlRegXo1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70f846f49fe57133-YUL
access-control-expose-headers
*
87deb108-4e58-4efe-a82c-59315f7609e1
boot.pbstck.com/v1/tag/ 		2 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/87deb108-4e58-4efe-a82c-59315f7609e1
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/pubstack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3103a4abbfa0eadf4c29e5411fb2a7ddd2b4764bf272c5c4fcfa3ea3eb63cdd6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
cf-ray
70f846f4aa5c7142-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ccpa.93f836a48e5623de1dad.bundle.js
cdn.privacy-mgmt.com/unified/3.6.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/3.6.0/ccpa.93f836a48e5623de1dad.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-43.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
693c48f6c942ae7008488f4dc7b2fa75145b1e7bfa33cbaa04f997ba8c5ed973

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:49:36 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 18:10:55 GMT
server
AmazonS3
age
2110
etag
W/"47869da64077624989aeb08ec5e5bc16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
RQgUTT5Wg_9eesG2IUzZxBxdX8q9t7jYdj9Qth2YPG-tXMukg4g1lw==
gdpr-tcf.2246e77bab51d1b4ac82.bundle.js
cdn.privacy-mgmt.com/unified/3.6.0/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/3.6.0/gdpr-tcf.2246e77bab51d1b4ac82.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-43.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11d2d8f2b51fc61218431c0f8443f9a3d283e1058d979ec85c0f2057a8ab43e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:31:28 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 18:10:55 GMT
server
AmazonS3
age
3198
etag
W/"5d1212388ecb15175a25e81f14a623e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
OwR1V8rdzknLAZ_4MkPcmqHsJU_X7FTNPksXwtqBZ0_AnbLx1rdSkw==
get_messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/get_messages?requestUUID=b8df81ba-9a83-40bc-a5ad-a7d47749d4d3&hasCsp=true&env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-43.jfk51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 22 May 2022 20:24:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-amz-cf-id
VNdas6O-GhrVXCvUPt7pYuQ1jYAPt9g3EDoutfY7d8BRkgplgRXV3Q==
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
x-powered-by
Express
get_messages
cdn.privacy-mgmt.com/wrapper/v2/ 		52 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/get_messages?requestUUID=b8df81ba-9a83-40bc-a5ad-a7d47749d4d3&hasCsp=true&env=prod
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-43.jfk51.r.cloudfront.net
Software
/ Express
Resource Hash
becc06bdb511ed6c14189120e5be2519c7923ff42bf30f9254f8fe6bbd16ff20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
x-amz-cf-pop
JFK51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
p-XhTr4QGO7JRbQ9n1l-B1jpGaANBUHO35SZFGqthFS913M9r9EIrw==
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdl-file.com&pubid=26c60b4f-549a-4efd-8ae0-f00e07c46204
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 17:14:55 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
server
Server
age
11390
x-cache
Hit from cloudfront
access-control-allow-origin
https://dl-file.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
RXVs6TQDEmdVRWbWWNTP9hoMwyIQYND8Mm6AeBRO-idC7BvEOuaNbA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:39:39 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2707
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
Y-6ARLwxMfsU7bR4lW0rthEvhKm42RCUp21Gd3olfMt687DXIBSh_A==
cbf67807-aa60-4acf-97de-8add5f372615
https://dl-file.com/ 		547 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dl-file.com/cbf67807-aa60-4acf-97de-8add5f372615
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e2dcc3fbb14878aa73b5ea682638e1905938be625e1fd75b5addb79a8fee091

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
559961
index-monitoring-dc4ef33.js
cdn.pbstck.com/ 		185 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-monitoring-dc4ef33.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/87deb108-4e58-4efe-a82c-59315f7609e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3ca46840df12ab81bb06c7eb22e2c34d8f9e79e5a6696410163ee53d9d61b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
HIT
age
358269
x-guploader-uploadid
ADPycduZ-cmZT2qs9s7iYj3SpDDeCLhjtUpyTSGb56wG5EoYiUfaE_ZlVmbRJDHzL9N0_x0v5Aat-4slKwctveGDGLyF8PB6La3n
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 14:11:48 GMT
server
cloudflare
etag
W/"f14b90c6c7ff88f3ff39692d32439a26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=a3f8eA==, md5=8UuQxsf/iPP/OWktMkOaJg==
x-goog-generation
1650550308039798
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
51471
cf-ray
70f846f5fc444bcb-YUL
expires
Wed, 25 May 2022 16:06:27 GMT
index-refresh-dc4ef33.js
cdn.pbstck.com/ 		153 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-refresh-dc4ef33.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/87deb108-4e58-4efe-a82c-59315f7609e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebef1aa36471bb515492ad247f0409c576cb55823ede5557483a5e29e67c4e30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
HIT
age
358269
x-guploader-uploadid
ADPycdtyS81uasu5ix-LcnWOlaRTzkcuLMGo1jo9VYTrgjsRvHax-FB3d18Q0zk2DBnPgdMmSPGtfZ7U66iryFjqhqn7tpgZRhE5
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 14:11:51 GMT
server
cloudflare
etag
W/"e249432a2942345769826797d5b69f22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=h6vcyA==, md5=4klDKilCNFdpgmeX1bafIg==
x-goog-generation
1650550311901826
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
43139
cf-ray
70f846f5fc454bcb-YUL
expires
Wed, 25 May 2022 16:14:50 GMT
syncframe
gum.criteo.com/ Frame 2834 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
bd539d224655cd1dacf2172ff13b4fdb8d258d305180fb4ea03f9c1886c4ae49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:45 GMT
server-processing-duration-in-ticks
2017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-111.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 22 May 2022 18:59:17 GMT
content-encoding
gzip
age
5129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
LDV28Z9CvRsJNR_cxoP5Q5x6uArXHLHOl1MJRAogMna1ttjpYgydVg==
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8262144593879241&stid=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-18-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39344869b917bfc4563213f63c4e19b9b2b0d2a12145fb8d0dd71df783507a92
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1360
Expires
Sun, 22 May 2022 21:24:45 GMT
pxid
00917082-71e9-498e-8343-00c3df06b798.prmutv.co/v2.0/ 		12 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://00917082-71e9-498e-8343-00c3df06b798.prmutv.co/v2.0/pxid?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
via
1.1 google
getuidj
ib.adnxs.com/ 		29 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dec9eedff4ebf71efade6389e80183458c943f9fb293a5f34058cb7abded9c25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:45 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6347641d-3cf3-442b-a929-abc364ee21e9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://dl-file.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
00917082-71e9-498e-8343-00c3df06b798-models.bin
cdn.permutive.com/models/v2/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/00917082-71e9-498e-8343-00c3df06b798-models.bin
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71ec811b654fde5ab4be70f80aee7459fb2187c3e9a96bab32084151d00c75e

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
00917082-71e9-498e-8343-00c3df06b798
age
619
x-guploader-uploadid
ADPycdtcdXj0oaj9L1LXmbUfkMaZpWIjKgm-7IcQOYcUbluKk192KeV0Z7wF_pGFhd6Z9oDv0YQEMl92KT6UHaQyiD4HhQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/x-binary
content-length
2493
last-modified
Sun, 22 May 2022 06:02:40 GMT
server
cloudflare
etag
"fd1d2fbfa2969967cd207d91a2fef1e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1JKBXQ==, md5=/R0vv6KWmWfNIH2Rov7x6A==
x-goog-generation
1653199360929827
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
2493
accept-ranges
bytes
cf-ray
70f846f71843a250-YYZ
expires
Sun, 22 May 2022 20:14:26 GMT
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.16.0/primis.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
7ad17a41b851f2c197df49fa916bac9e171a8c2f9d2a7c0d63630912b8f0ae0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
bid
c.amazon-adsystem.com/e/dtb/ 		233 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&pid=KweVkQss87qeB&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22nn_lb2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%226928793%2Fdl-file-61deae48ca228%2Fdl-file-LB2-61deb04e3ea83%22%7D%2C%7B%22sd%22%3A%22nn_lb1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%226928793%2Fdl-file-61deae48ca228%2Fdl-file-LB1-61deb048709e3%22%7D%2C%7B%22sd%22%3A%22nn_lb3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%226928793%2Fdl-file-61deae48ca228%2Fdl-file-LB3-61deb05c0f307%22%7D%5D&schain=1.0%2C1!network-n.com%2Cpa_f06496e7%2C1%2C%2C%2C&pubid=26c60b4f-549a-4efd-8ae0-f00e07c46204&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
3d4c93561d210e788593a683e689ea777dc93133445ddf63d6f11b151160c37b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
Z0V8PCMT86XPW4AC5NSG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
233
x-amz-cf-id
Z2qj7ICtOEXzaDDu1N59v3Ieogw1ANK9qaQ3tXmJdWSRC0ySMZq7DA==
localstore.js
script.4dex.io/ 		483 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1074395
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L21oRhGGFpcwzjHsl9%2Fkk0fHuAT7CGFWU6g4R%2F%2B04MFdRGxtzgP0nu3HgvZz6j3KuYDR3Rjzo4VrIDpvN%2BTdLmbwMqmFE8q20%2F37Z3rfzYoVAjufw6A7%2BI1tzjFuePQ4zU2fLuRWssZFwYQk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
70f846f70da84bd1-YUL
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&event_source=dtscout&rnd=0.8262144593879241&exptid=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D&fcmp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.121.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-121-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/gif
geoip
api.permutive.com/v2.0/ 		249 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
via
1.1 google
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
via
1.1 google
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 8E21 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21963
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-20.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
x-amz-cf-id
pN7C-Ti6TJMsEir2Nu6W8u36I94KZag0s7vm_Qq0QbYAs8T-JcOVew==
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=68094
  • https://ce.lijit.com/merge?pid=2&3pid=598588BF699A41FFBCD52BD1BAC4F1E6
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=598588BF699A41FFBCD52BD1BAC4F1E6
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=598588BF699A41FFBCD52BD1BAC4F1E6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 20:24:46 GMT
59074
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_li_chk=true&previous_uuid=ed571540fca24ca9b474f9712d091f43
  • https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:700d:3b5d:9173:685 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=Er1IbSZHEQFzpIZfRt6_Z4U8
Date
Sun, 22 May 2022 20:24:45 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=Er1IbSZHL47ybBDGSQuh-qUU
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=Er1IbSZHL47ybBDGSQuh-qUU&_li_chk=true&previous_uuid=bf65d63700904d62b6b83c6d7ab2ec33
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date
Sun, 22 May 2022 20:24:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/
Redirect Chain
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=Er1IbSZHEQFzpIZfRt6_Z4U8&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
  • https://ce.lijit.com/merge?pid=5014&3pid=6b09ca46c738626abd3a92773d5eb822
43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5014&3pid=6b09ca46c738626abd3a92773d5eb822
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='NON DSP COR CONi OUR BUS CNT'
location
https://ce.lijit.com/merge?pid=5014&3pid=6b09ca46c738626abd3a92773d5eb822
cf-ray
70f846f7aa335479-YYZ
content-length
0
data
bcp.crwdcntrl.net/6/ 		615 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b738c765fb0f9e4b0a7ef81715666fa20540cb0f3bf9e40a08d06368348cf679

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://dl-file.com
cache-control
no-cache
x-server
10.40.14.4
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
615
expires
0
ef5a345b-f8eb-4b42-98ea-467e4b80856e
https://dl-file.com/ 		19 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dl-file.com/ef5a345b-f8eb-4b42-98ea-467e4b80856e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d407b9d0a019429a722bc9151f7177dc2a6f72324f2d1d1cf8c4532391db935

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
19782
sid
mug.criteo.com/ Frame 2834
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dl-file.com&sn=ChromeSyncframe&so=0&topUrl=dl-file.com&cw=1&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=LQUFz3wzYy96Z0FBbEh6RTFLaUZkUk5qZmZRZHY3SVI2TUFlSmg0YmtIa1BkVkE2VXQ1azJZSEtySzk1LzBSRXNUNzFaVW5oNGNrRnE3blNlSWc1Z0hDdm9LSG9QeWp5N2NXWi9vSVVZSGFWWG93T0MrNHIwL20rNlBSOD...
430 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LQUFz3wzYy96Z0FBbEh6RTFLaUZkUk5qZmZRZHY3SVI2TUFlSmg0YmtIa1BkVkE2VXQ1azJZSEtySzk1LzBSRXNUNzFaVW5oNGNrRnE3blNlSWc1Z0hDdm9LSG9QeWp5N2NXWi9vSVVZSGFWWG93T0MrNHIwL20rNlBSODV4NDVERVZKKzlXbG15SnhMQTVUcmZEMk1xL093S2dON1JMWkhSdDcyd3RVWjUrRWVQd3NuamtZd29GVUU1d1NDY2dXSXNqaFpLVlYwLzZHRVhzRzFNYXBxNEl1c0tuRG9nelNUdFhtVENsN2loVHMxMUltMTBiOTYrYjhkMlY3bG9wdHpEY0djWkd1KzVMcDQvZTViYUxoc2JMM0FXZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
1db5bfe786e61c9336117b15fc55a8321afe1c2110d6b6d650f0ae67c2755ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5360
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:44 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=LQUFz3wzYy96Z0FBbEh6RTFLaUZkUk5qZmZRZHY3SVI2TUFlSmg0YmtIa1BkVkE2VXQ1azJZSEtySzk1LzBSRXNUNzFaVW5oNGNrRnE3blNlSWc1Z0hDdm9LSG9QeWp5N2NXWi9vSVVZSGFWWG93T0MrNHIwL20rNlBSODV4NDVERVZKKzlXbG15SnhMQTVUcmZEMk1xL093S2dON1JMWkhSdDcyd3RVWjUrRWVQd3NuamtZd29GVUU1d1NDY2dXSXNqaFpLVlYwLzZHRVhzRzFNYXBxNEl1c0tuRG9nelNUdFhtVENsN2loVHMxMUltMTBiOTYrYjhkMlY3bG9wdHpEY0djWkd1KzVMcDQvZTViYUxoc2JMM0FXZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1804
content-length
541
expires
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1071616
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb2fa7de5017e483984bd9-00627a37f8
x-amz-id-2
txb2fa7de5017e483984bd9-00627a37f8
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oiGVlhdiy9uxBlRe5lSZ6AhIZvjk1NlwlEoQQzkfw2xiql1%2FpZRMc5cNJLy2VVik%2F1L3dJjLWMqtSWRlCaGCtfKtKtdVhMB%2BNINj5OeDdmXikYFWux%2FG2S82vZk5a5yNSDnUD8g6PFqfeUi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
70f846f76db17151-YUL
access-control-allow-headers
Authorization
liveView.php
live.primis.tech/live/ Frame FDC3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741&cbuster=1653251085&pubUrlAuto=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkZnNnprcGN6Z2hxZHIlMkZCYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhciUyMiU3RCU3RA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
24236154857348b359f6c033a502be2479b36e9640e792672dfc220d2b86a2e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://dl-file.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://dl-file.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://dl-file.com
Access-Control-Allow-Credentials
true
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dl-file.com
date
Sun, 22 May 2022 20:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328f0c0c3796eb0363f7a6f33f3da15031dd593714519a6b58c80e5a27dde0cc

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
access-control-allow-origin
https://dl-file.com
content-length
896
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
70f846f7ce434bbe-YUL
expires
0
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&tmax=1000&gdpr=false
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.2.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-2-123.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
9c8dabb1e4b0bf39f8cd74368919143ef4896ba85609211c19d97e0ec83e2b8c

Request headers

Referer
https://dl-file.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
4477af99dfbc2673e5cada192721d3a529525889d33e953f0272ea2e470d02f0

Request headers

Referer
https://dl-file.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://dl-file.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
b10af4b018ec9b73d565b6da1984427e2873d615a209c99bfae11d117fb925b6

Request headers

Referer
https://dl-file.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
content-length
66
identify
api.permutive.com/v2.0/ 		50 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4046d583f53faa5443393c785f2e6cbe4363ec2068313471ccbf050d56ff2530

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
via
1.1 google
page
intake.pbstck.com/v1/intake/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/page?sId=f2521fbf&tId=87deb108-4e58-4efe-a82c-59315f7609e1&c=1&ctr=US
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
70f846f7bf9b4bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
t_.htm
t.sharethis.com/a/ Frame 062D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8262144593879241&stid=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-18-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Sun, 29 May 2022 20:24:46 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame FDC3 		258 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741&cbuster=1653251085&pubUrlAuto=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkZnNnprcGN6Z2hxZHIlMkZCYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhciUyMiU3RCU3RA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
etag
W/"623b1728-409bc"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 22 May 2023 20:24:45 GMT
prebidVid.6.18.0_4.min.js
live.primis.tech/content/prebid/ Frame FDC3 		460 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741&cbuster=1653251085&pubUrlAuto=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkZnNnprcGN6Z2hxZHIlMkZCYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhciUyMiU3RCU3RA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
98a6b7b7fcf2607fc6a2686ed1bb9b7e93d8c9e25fd688e9f94005a0597a134d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 12:44:01 GMT
server
nginx
etag
W/"6284ea11-72faa"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 22 May 2023 20:24:46 GMT
liveVideo.php
live.primis.tech/live/ Frame FDC3 		686 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?schain=1.0,1!network-n.com,pa_f06496e7,1&cbuster=1653251085504&subId=[SUBID_ENCODED]&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&s=109741&cbuster=1653251085&pubUrlAuto=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJ1cmwlMjIlM0ElMjIlMkZnNnprcGN6Z2hxZHIlMkZCYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhciUyMiU3RCU3RA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
123d0e248ffef9a3257c09efd0a9d90f0d65c29cb609d321b9df31104e433f6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
t_.js
t.sharethis.com/1.943.23339/a/CA/ Frame 6CFF 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.943.23339/a/CA/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-18-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8748
Expires
Sun, 29 May 2022 20:24:46 GMT
a
a.dtssrv.com/ 		0
531 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/a?i=6D001653251084643A347CED243E8EEA&k=lotpano&v=5d9aa80c509729575341e812e64816d53938278cc58d7eb944428a2165db6f26
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMeMjJ8lbCCeTK1SUvv40SUncxU176iVj52Gl5wJkcrtfZtGwilIJIUo2z%2B6YLhmHl1tMNjWfy5u7GcpfnrUbAXbBydB9tFVnEbA2SMUZlbtHL5A%2B6xEqru56t1Gy0xC7Ra3HBRE0A8u1gI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
70f846f83b39ecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 901F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-111.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
24578
cache-control
max-age: 86400
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 13:35:09 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
x-amz-cf-id
h8R2qgaZz3TWyZu4l7dgrfEJz_wh8v6GpIKIyatGdmR60uES9EohYA==
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
test_oracle
pd.sharethis.com/pd/ Frame 48F6 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.121.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-121-229.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c1e9ba38efdd493316eb5275f06cc7e462835c667b26db4358d9b7fe3ac35a88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 6CFF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
18.219.174.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-174-164.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
42
Stid
ZHsAAWKKnA0AAAAIEr7SAw==
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
215
nlsn
sync.sharethis.com/ Frame 6CFF
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=666f36a08e6fa27eb148bf1955312025
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=666f36a08e6fa27eb148bf1955312025
Protocol
HTTP/1.1
Server
18.219.174.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-174-164.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
42
Stid
ZHsAAWKKnA0AAAAIEr7SAw==
Content-Type
image/gif

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=666f36a08e6fa27eb148bf1955312025
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
eyeota
sync.sharethis.com/ Frame 6CFF
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2aHOcoSmQz0uya1xpG5v9sCW4tmQtgDOnk5A_7H2M7PA&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2aHOcoSmQz0uya1xpG5v9sCW4tmQtgDOnk5A_7H2M7PA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
18.219.174.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-174-164.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
42
Stid
ZHsAAWKKnA0AAAAIEr7SAw==
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2aHOcoSmQz0uya1xpG5v9sCW4tmQtgDOnk5A_7H2M7PA&gdpr=0&gdpr_consent=
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 6CFF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3627391049667706902
  • https://ml314.com/csync.ashx?fp=542a2764f280f9188469900de0365b93256288284fabad7eda2ac14b6f64f926f4cb09cee1a4f8eb&person_id=3627391049667706902&eid=50082
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=542a2764f280f9188469900de0365b93256288284fabad7eda2ac14b6f64f926f4cb09cee1a4f8eb&person_id=3627391049667706902&eid=50082
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 23 May 2022 16:24:46 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=542a2764f280f9188469900de0365b93256288284fabad7eda2ac14b6f64f926f4cb09cee1a4f8eb&person_id=3627391049667706902&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 6CFF
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHsAAWKKnA0AAAAIEr7SAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=yrEEBXZe99Yf5%2Foi&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=yrEEBXZe99Yf5%2Foi&BK_SWAP_DEST=5957
Protocol
HTTP/1.1
Server
18.219.174.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-174-164.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
42
Stid
ZHsAAWKKnA0AAAAIEr7SAw==
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/oracle?uid=yrEEBXZe99Yf5%2Foi&BK_SWAP_DEST=5957
Date
Sun, 22 May 2022 20:24:46 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 07:06:32 GMT
server
nginx
etag
W/"620367f8-465a"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame FDC3 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:08:12 GMT
content-encoding
gzip
age
47794
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0C0FM1BCCM1VN52EXPJP
etag
ae8d955adf98458335c127f4461070c2
vary
Accept-Encoding
x-amz-version-id
At9QZnxQdkeEMjLuJ7ylJ9u23U2amuqG
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
q5j0d6E5MaYfkrhLDJbGXMGqe4bH4xd7VKkY2E7yIEr5y7T9tAz5ww==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame FDC3
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&ii...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&ii...
63 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=304_1653251086207&fbp=2503514557&cttl=43200000&rrtt=0&dud=0&abtg=A&ref=dl-file.com&ckls=true&ci=osN6k4D2kJ&nc=false&trid=-196271344
Protocol
H2
Server
13.225.223.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-20.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
d7b4963a8501a0a36adb82b5be584dac7f0867121fc1479c0c31abc6ed8da219

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
Db_hMJJkG9h6i7Uxgry7qPCq7jCyl3zQvgpkE5O5hn1yoVjEWIw3vg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
content-length
43
pragma
no-cache
access-control-allow-origin
https://dl-file.com
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
image/gif
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.07&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=304_1653251086207&fbp=2503514557&cttl=43200000&rrtt=0&dud=0&abtg=A&ref=dl-file.com&ckls=true&ci=osN6k4D2kJ&nc=false&trid=-196271344
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
0hQgYgx76Or5ywk0AfcgWrQzlslqLwT5JuE4LxfYGds8mV0bZnfUyQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FDC3 		43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=163483&iiqidtype=2&iiqpcid=47d7c286-f97f-4398-a22d-e76a085ab6c3&iiqpciddate=1653251086207&tsrnd=16_1653251086208&fbp=2503514557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-57.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
ZLNPLj79Y1Eh8CZVwHbyOKoFJFyuRjcmMBgwRsVZTA-8zoggLS1q9w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tpd
api.permutive.com/v2.0/ 		2 B
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
via
1.1 google
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
iu3
s.amazon-adsystem.com/ Frame E456
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outb...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outb...
379 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
971fbf8ca95da9dd174295352805ed105217fdddf9c52f293b2b379d878357f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
379
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M5ZR6SGSVXEF6YASHASC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YFVTNG38CREZ76S7VP5A
bk-coretag.js
tags.bkrtx.com/js/ Frame 48F6 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.46.172 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-46-172.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Sun, 22 May 2022 20:24:46 GMT
Connection
keep-alive
Content-Length
16078
Expires
Sun, 29 May 2022 20:24:46 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FDC3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:39:39 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2708
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
WgiUpGhnxtt0fCBdd-u7k61TbxF-Ay0UiSA7EiJOr0FiCBYhbfF0uw==
pixels
bcp.crwdcntrl.net/ Frame 27B1 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9e4dab61ddf29e2b60cbfecd0ca9b4ac6ab1a58a92517129aa5edc637314b122

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
3419
content-type
text/html
date
Sun, 22 May 2022 20:24:46 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.1.58
css
fonts.googleapis.com/ Frame 944E 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 19:38:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 20:24:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 20:24:46 GMT
css
fonts.googleapis.com/ 		1 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 19:37:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 20:24:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 20:24:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E03 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131341
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 016D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=94&advUuid=38d217dd-da0d-11ec-8eb3-1d3b083c0303
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=94&advUuid=38d217dd-da0d-11ec-8eb3-1d3b083c0303
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:46 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx

Redirect headers

access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/plain
date
Sun, 22 May 2022 20:24:46 GMT
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=94&advUuid=38d217dd-da0d-11ec-8eb3-1d3b083c0303
x-fe
271
liveCS.php
live.primis.tech/live/ Frame A8B4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=98&advUuid=e011f362-90df-49ea-a95d-53df5909a4d9
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=98&advUuid=e011f362-90df-49ea-a95d-53df5909a4d9
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:46 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sun, 22 May 2022 20:24:46 GMT
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=98&advUuid=e011f362-90df-49ea-a95d-53df5909a4d9
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame DB90 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5905fde036a5a7b3bc26d73a9c421c8796b0b02a85bf68c221d10f732b5b3474

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://dl-file.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
791
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 20:24:46 GMT
Server
Adtelligent
X-Robots-Tag
noindex
liveView.php
live.primis.tech/live/ Frame FDC3 		220 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1ODtyMxZ2nWRyo182MDyvYWU2YTt0ZTE4NTMjNwM4NDtlJTJGqzyxNwI3MwU5ZTuvZGNvNmt5NDxjNmU3OC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVNE9DOTJuV1JfYwE4Mx1EoGyZV1UlWVRaMFcURTROVE13TzcNNE5EZ3yMM1cjWxRZrU56STFPV1U0WW1SnyydYmRPVFE1TURwMU56Z3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyV6TVRZMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5UTXyOryE0TURBS2ZRLwFcSxVdrVRjrDVkX2j0Q1uENW83N1ybQyFjSyy4UaRdY0j2TF9Jq0Z1V2fzqzyxX2NioaRyoaRsnWQ9MwE5ODU5NlZ2nWRsY29hqGVhqF9xZXNwPVNkqWFlZSgFozy4K1NyoGkmK1RioWIeUzFcZGVlK2FhZCgEZXVmK0V4K1N0qWRco3MzqzyxX2NioaRyoaRsqGy0oGU9U3F1YXJyK0VhnXteU2VfoHMeVG9gYvgSYWyxZXIeYW5xK0RyqXMeRXteU3R1ZGyiplZ2nWRsY29hqGVhqF9xqXJuqGyiow01NlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYenWykRW5bYW5wZVBlZWJcZCfyMxYeMvfyMxYeZGVzYXVfqCZ4PTtlNvZ5PTQ2NSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNTJEMmImMwVGMmImMmqEN0I3MmMkMmpmMDM3MmtmNDMjMmA3RDqCNDMmMmMkN0Q3QwUmNUE0Nmp3NmQ1QTZENxM3MmVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwE1NmZDNmt1MwU3MmU2RwU5NTpmNTZBNUE1NwQlNmx1QTU3NEE3MDVBNDM0MTp2NDx0NDQ5Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmMTMlMmYmNwMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT00NS40OTx1Jzqyo0kiozp9LTpmLwU4NDtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAkLwAhNDx1MS42NCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsZwA2NDx2ZTpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI4YTywMGRyMzJvMvZwYaVmqGVlPTE2NTMlNTEjODYmNmMzn3ZsZW5wXmE9qXJfJTNEJTI1MxZaNacepGN6Z2ukZHIyMwUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFl
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
31e84cf04f39b074de1f3006cf30da71c1b9d73d17ced371e1729f5ddec30cbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dl-file.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
18628
liveView.php
live.primis.tech/live/ Frame FDC3 		102 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1ODtyMxZ2nWRyo182MDyvYWU2YTt0ZTE4NTMjNwM4NDtlJTJGqzyxNwI3MwU5ZTuvZGNvNmt5NDxjNmU3OC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVNE9DOTJuV1JfYwE4Mx1EoGyZV1UlWVRaMFcURTROVE13TzcNNE5EZ3yMM1cjWxRZrU56STFPV1U0WW1SnyydYmRPVFE1TURwMU56Z3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyV6TVRZMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5UTXyOryE0TURBS2ZRLwFcSxVdrVRjrDVkX2j0Q1uENW83N1ybQyFjSyy4UaRdY0j2TF9Jq0Z1V2fzqzyxX2NioaRyoaRsnWQ9MwE5ODU5NlZ2nWRsY29hqGVhqF9xZXNwPVNkqWFlZSgFozy4K1NyoGkmK1RioWIeUzFcZGVlK2FhZCgEZXVmK0V4K1N0qWRco3MzqzyxX2NioaRyoaRsqGy0oGU9U3F1YXJyK0VhnXteU2VfoHMeVG9gYvgSYWyxZXIeYW5xK0RyqXMeRXteU3R1ZGyiplZ2nWRsY29hqGVhqF9xqXJuqGyiow01NlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYenWykRW5bYW5wZVBlZWJcZCfyMxYeMvfyMxYeZGVzYXVfqCZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNTJEMmImMwVGMmImMmqEN0I3MmMkMmpmMDM3MmtmNDMjMmA3RDqCNDMmMmMkN0Q3QwUmNUE0Nmp3NmQ1QTZENxM3MmVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwE1NmZDNmt1MwU3MmU2RwU5NTpmNTZBNUE1NwQlNmx1QTU3NEE3MDVBNDM0MTp2NDx0NDQ5Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmMTMlMmYmNwMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT00NS40OTx1Jzqyo0kiozp9LTpmLwU4NDtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAkLwAhNDx1MS42NCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsZwA2NDx2ZTpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI4YTywMGRyMzJvMvZwYaVmqGVlPTE2NTMlNTEjODYmNmQzn3ZsZW5wXmE9qXJfJTNEJTI1MxZaNacepGN6Z2ukZHIyMwUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFl
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
13e309b7287306b194fe276a0585fe38dcf39afa349b934b51ef838347ede534

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dl-file.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10517
liveView.php
live.primis.tech/live/ Frame FDC3 		101 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1ODtyMxZ2nWRyo182MDyvYWU2YTt0ZTE4NTMjNwM4NDtlJTJGqzyxNwI3MwU5ZTuvZGNvNmt5NDxjNmU3OC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVNE9DOTJuV1JfYwE4Mx1EoGyZV1UlWVRaMFcURTROVE13TzcNNE5EZ3yMM1cjWxRZrU56STFPV1U0WW1SnyydYmRPVFE1TURwMU56Z3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyV6TVRZMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5UTXyOryE0TURBS2ZRLwFcSxVdrVRjrDVkX2j0Q1uENW83N1ybQyFjSyy4UaRdY0j2TF9Jq0Z1V2fzqzyxX2NioaRyoaRsnWQ9MwE5ODU5NlZ2nWRsY29hqGVhqF9xZXNwPVNkqWFlZSgFozy4K1NyoGkmK1RioWIeUzFcZGVlK2FhZCgEZXVmK0V4K1N0qWRco3MzqzyxX2NioaRyoaRsqGy0oGU9U3F1YXJyK0VhnXteU2VfoHMeVG9gYvgSYWyxZXIeYW5xK0RyqXMeRXteU3R1ZGyiplZ2nWRsY29hqGVhqF9xqXJuqGyiow01NlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYenWykRW5bYW5wZVBlZWJcZCfyMxYeMvfyMxYeZGVzYXVfqCZ4PTtlNvZ5PTQ2NSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNTJEMmImMwVGMmImMmqEN0I3MmMkMmpmMDM3MmtmNDMjMmA3RDqCNDMmMmMkN0Q3QwUmNUE0Nmp3NmQ1QTZENxM3MmVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwE1NmZDNmt1MwU3MmU2RwU5NTpmNTZBNUE1NwQlNmx1QTU3NEE3MDVBNDM0MTp2NDx0NDQ5Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmMTMlMmYmNwMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT00NS40OTx1Jzqyo0kiozp9LTpmLwU4NDtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAkLwAhNDx1MS42NCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsZwA2NDx2ZTpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI4YTywMGRyMzJvMvZwYaVmqGVlPTE2NTMlNTEjODYmODQzn3ZsZW5wXmE9qXJfJTNEJTI1MxZaNacepGN6Z2ukZHIyMwUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFl
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
3eeff63befa89024fd225d959f41c303123766396e3d20184d911d809a00db39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dl-file.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10229
vid627259e8bdcb7894907578_thumb.jpg
video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578_thumb.jpg?cbuster=1651661732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
42e0d9a1df7c1d7e8a1119423cb4d6018f9b82d0a00b4f7170f61ae05421953b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 85331abd84b5669394785900a34f7b14.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 10:55:33 GMT
server
Tengine
x-amz-cf-pop
SFO5-C1
etag
"463eea8fc2ff03d72c2d44a5adb6a7f2"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3706
x-amz-cf-id
k7GRoIjmclSB0tCMOPpHChlo4jQUyL1Y-02dDs99KmkKvI5vxVRZIA==
x-proxy-cache
HIT
vid625ea3c0cf3f1502424858_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/28588/video_609bae6a84e18530638482/vid625ea3c0cf3f1502424858_thumb.jpg?cbuster=1650370090
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
35e61f17867ed010340868c9820d5ac28eabe62a5b40f299cacb418b2104c8c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 d8637b73bee5bf30932e15ee62bd60dc.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2022 12:08:11 GMT
server
Tengine
x-amz-cf-pop
ATL56-C3
etag
"a02584d3acd76ef67cc945a2a3dcbfc1"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3412
x-amz-cf-id
fkO5HjUbAapcIsOvaIpYuSFoQYtsszvuWpDISaLCIpjwjlKAtV1-Dw==
x-proxy-cache
HIT
vid6283c7d38c700567179479_thumb.jpg
video.primis.tech/uploads/cn9/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn9/video/users/converted/28588/video_609bae6a84e18530638482/vid6283c7d38c700567179479_thumb.jpg?cbuster=1652804139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
2e62a0f80dde7d448b2a960240d808dcaf23cef8743856677b21edd8d7189094

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 37504d411c7d230cb5e53aaf2809b804.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 16:15:40 GMT
server
Tengine
x-amz-cf-pop
YUL62-C2
etag
"ed562700f2bbc7b4a507e778d7af89bd"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3520
x-amz-cf-id
oWNGdNu9odVrcd3TNnZVnA9mAj8wtrVAWOYlII-E8F_7LI_CsFSh3A==
x-proxy-cache
HIT
vid62681c769279e171225662_thumb.jpg
video.primis.tech/uploads/cn13/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/28588/video_609bae6a84e18530638482/vid62681c769279e171225662_thumb.jpg?cbuster=1650990849
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
a1fb8c5de496384e3f1b3f6cdcd4451b6efbdee3fe31c68b49969744d58df1f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 b2ec1df9e45c0b11d79d727742d0a012.cloudfront.net (CloudFront)
last-modified
Tue, 26 Apr 2022 16:39:40 GMT
server
Tengine
x-amz-cf-pop
LAX3-C4
etag
"81c1fab1b2aa734ccaaa64d73868558c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3083
x-amz-cf-id
ujYcesOHGpMVnwO2mFMuJIVXUJhETZVTbS9Z0YlC-S_D2a_BZZozhQ==
x-proxy-cache
HIT
vid627bc86c215ac500624959_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/28588/video_609bae6a84e18530638482/vid627bc86c215ac500624959_thumb.jpg?cbuster=1652279643
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
49292d8ed6eedb5edb5ac7c79dc70e095f89040c7b572a46a2489ce880aa2f4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 56d3604ac04bb426a5e942749eccab1a.cloudfront.net (CloudFront)
last-modified
Wed, 11 May 2022 14:34:04 GMT
server
Tengine
x-amz-cf-pop
LAX3-C4
etag
"4dc9afce4f6f631ed788e95b387aa2bb"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3214
x-amz-cf-id
rBRnqyBqnEocWgSuuA82NJAIjw2TFG0tqJJdJd0TWGHp9dMyCyu6ZA==
x-proxy-cache
HIT
vid62695f2370267608828674_thumb.jpg
video.primis.tech/uploads/cn14/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn14/video/users/converted/28588/video_609bae6a84e18530638482/vid62695f2370267608828674_thumb.jpg?cbuster=1651073409
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
13147e03c7dabc79fe50891b03d2ecf3eec620a3e1c911215096232fad2ead31

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 538a08eba98551a196e344df4d0dda06.cloudfront.net (CloudFront)
last-modified
Wed, 27 Apr 2022 15:30:10 GMT
server
Tengine
x-amz-cf-pop
LAX50-C1
etag
"0f9bd80ce5f9665ab674509fa27393fa"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3834
x-amz-cf-id
pSm9OUNha1aDdspkl_Dd3Ves4c6UZ54S3tfjtfnU4QZKUKfgcdYvNA==
x-proxy-cache
HIT
vid625ea19d0f179394059849_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/28588/video_609bae6a84e18530638482/ Frame 944E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/28588/video_609bae6a84e18530638482/vid625ea19d0f179394059849_thumb.jpg?cbuster=1650369484
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
b8815c619566c4705e1da4ad5b9cf5363b1ddad9fd182d97d60575eee1868a13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2022 11:58:05 GMT
server
Tengine
x-amz-cf-pop
LAX50-C1
etag
"13c4b6f3d4c23bde873ec1ae42d06a9c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3656
x-amz-cf-id
6l8WTAriIXDKMc_k9Vm9_xsj22r7I4AYaLNsSd4qEw5UFtBnzmR1-A==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5NmQkJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNTJEMmImMwVGMmImMmqEN0I3MmMkMmpmMDM3MmtmNDMjMmA3RDqCNDMmMmMkN0Q3QwUmNUE0Nmp3NmQ1QTZENxM3MmVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwE1NmZDNmt1MwU3MmU2RwU5NTpmNTZBNUE1NwQlNmx1QTU3NEE3MDVBNDM0MTp2NDx0NDQ5Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmMTMlMmYmNwMmN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTE0OS41Nv4kNTMhMTt5JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlOGE5YmBxZTJvYwIzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA4NwM1NlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame FDC3 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.28588.space.109741,adsize.640x440
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:61c0:eb61:c438:2f4e , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
sync.smartadserver.com/ Frame FDC3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=aa24cbad3edd9d07de7536ed62dcb932&expires=30&ssp=sekindo&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3D883106e7-cc3...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&csh=
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D1723987475%3B1267919208%26rnd%3D-...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=1723987475;1267919208&rnd=-1333688244&pcid=g446a9ba13a782515297
  • https://pixel-sync.sitescout.com/connectors/datonics/usersync?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D685030305%26mi%3D10%26csh%3D172398747...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=685030305&mi=10&csh=1723987475;1267919208;1868283820&rnd=27796196&pcid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D1723987475%3B1267919208%3B18682838...
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1723987475;1267919208;1868283820;685030305&rnd=-789867183&pc...
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1723987475;1267919208;1868283820;685030305&rnd=-789867183&pcid=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1723987475;1267919208;1868283820;685030305&rnd=-789867183&pcid=[sas_uid]&cklb=1
pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
liveCS.php
live.primis.tech/live/ Frame FDC3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=93&advUuid=992a8306-d580-49c1-ba88-3cbada04cc2b
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=93&advUuid=992a8306-d580-49c1-ba88-3cbada04cc2b
Protocol
H2
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=93&advUuid=992a8306-d580-49c1-ba88-3cbada04cc2b
date
Sun, 22 May 2022 20:24:46 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame FDC3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=99&advUuid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=99&advUuid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Protocol
H2
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=99&advUuid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Sun, 22 May 2022 20:24:46 GMT
0
sync.1rx.io/usersync/intentiq/ Frame FDC3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3814197496973...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=381419749697304055279
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUxMzU5QUItODM4Qy00OTczLUIxNjctODM2Q0Q0OUZBRUQw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=259151345&rnd=-205220064&pcid=0E1359AB-838C-4973-B167-836CD49FAED0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D259151345%3B1402230080%26rnd%3D-546226825&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=259151345;1402230080&rnd=-546226825&pcid=6542586661939034833
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D25915...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=259151345;1402230080;1709765917&rnd=124252019&pcid=e011f362-90df-49ea-a95d-53df5909a4d9
  • https://ce.lijit.com/merge?pid=8101&3pid=osN6k4D2kJ&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D259151345%3B1402...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=259151345;1402230080;1709765917;1486637409&rnd=-776831740&pcid=Er1IbSZHEQFzpIZfRt6_Z4U8
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D259151345%3B14...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182&rnd=-1750654349&pcid=38d217dd-da0d-11ec-8eb3-1d3b...
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D259151345%3B1402230080...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182;1072441116&rnd=1898466470&pcid=afb5628a-9c0e-4600...
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080...
0
0
tap.php
pixel.rubiconproject.com/ Frame FDC3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=L3HR0EPW-1N-ILOC&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=L3HR0EPW-1N-ILOC
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=osN6k4D2kJ&expires=1825&rnd=1440516198
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=osN6k4D2kJ&expires=1825&rnd=1440516198
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=osN6k4D2kJ&expires=1825&rnd=1440516198
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-type
image/gif
content-length
43
x-amz-cf-id
UXwyQnnT5WWpOHGQiz6r9_NJ6n_Zxkp44mXt8KF4C_ogiaPF8HxSng==
expires
Thu, 01 Jan 1970 00:00:00 GMT
occ
amli.sekindo.com/ups.analytics.yahoo.com/ups/58627/ Frame FDC3 		0
0
liveCS.php
live.primis.tech/live/ Frame FDC3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=105&advUuid=6542586661939034833
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=105&advUuid=6542586661939034833
Protocol
H2
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ec6e44b-1c8f-41c2-bc27-8c0c942bd8eb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=&advId=105&advUuid=6542586661939034833
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FDC3
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252Fsync.intent...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D+584182936%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=%20584182936&pcid=53a3185e737c4fb7ab973d665b5feed4
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=%20584182936&pcid=53a3185e737c4fb7ab973d665b5feed4
Protocol
H2
Server
13.225.223.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-57.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
iCiLCADvfIoDtqFqoqtRD5TxoZfGaJtWqv18_aoVPpzXMm5TJ5Ob9A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:45 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi= 584182936&pcid=53a3185e737c4fb7ab973d665b5feed4
cache-control
no-store
content-type
text/html; charset=utf-8
0
sync.1rx.io/usersync/intentiq/ Frame FDC3
Redirect Chain
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=628a9c0de2bb2&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3Dhttps%253A%252F%252...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=628a9c0de2bb2&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=2962526861455797000V10
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA4N0FDQTgtNTg1Ny00RjUyLUIyOTUtMURCQjEyNjdCQjhB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=259151345&rnd=-205220064&pcid=0E1359AB-838C-4973-B167-836CD49FAED0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D259151345%3B1402230080%26rnd%3D-1767625279&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=259151345;1402230080&rnd=-1767625279&pcid=6542586661939034833
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D25915...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=259151345;1402230080;1709765917&rnd=-366992590&pcid=e011f362-90df-49ea-a95d-53df5909a4d9
  • https://ce.lijit.com/merge?pid=8101&3pid=osN6k4D2kJ&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D259151345%3B1402...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=259151345;1402230080;1709765917;1486637409&rnd=685318290&pcid=Er1IbSZHEQFzpIZfRt6_Z4U8
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D259151345%3B14...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182&rnd=519425269&pcid=38d217dd-da0d-11ec-8eb3-1d3b08...
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D259151345%3B1402230080...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=259151345;1402230080;1709765917;1486637409;396218182;1072441116&rnd=1364401370&pcid=afb5628a-9c0e-4600...
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080...
  • https://sync.1rx.io/usersync/intentiq/0?zcc=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B...
0
0
pixel
ap.lijit.com/ Frame FDC3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D628a9c0de2bb2%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 20:24:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
vid627259e8bdcb7894907578.jpg
video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.jpg?cbuster=1651661732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
c742c7d5e9fb6770c470a0cd751986f27f0a6f7ef7366abbedcaed0b570ba75f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 518f46e79d9e7fee6a625c5924750956.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 10:55:32 GMT
server
Tengine
x-amz-cf-pop
SFO5-P1
etag
"7491a463a1ea4119dc8f72b62a4d02ef"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
29409
x-amz-cf-id
7TsyIavKCshwLTE-DV_ZF391fP8KZKFw4D2D8X5GFNpMx08jIlbSNg==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame FDC3 		101 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1ODtyMxZ2nWRyo182MDyvYWU2YTt0ZTE4NTMjNwM4NDtlJTJGqzyxNwI3MwU5ZTuvZGNvNmt5NDxjNmU3OC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVNE9DOTJuV1JfYwE4Mx1EoGyZV1UlWVRaMFcURTROVE13TzcNNE5EZ3yMM1cjWxRZrU56STFPV1U0WW1SnyydYmRPVFE1TURwMU56Z3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyV6TVRZMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5UTXyOryE0TURBS2ZRLwFcSxVdrVRjrDVkX2j0Q1uENW83N1ybQyFjSyy4UaRdY0j2TF9Jq0Z1V2fzqzyxX2NioaRyoaRsnWQ9MwE5ODU5NlZ2nWRsY29hqGVhqF9xZXNwPVNkqWFlZSgFozy4K1NyoGkmK1RioWIeUzFcZGVlK2FhZCgEZXVmK0V4K1N0qWRco3MzqzyxX2NioaRyoaRsqGy0oGU9U3F1YXJyK0VhnXteU2VfoHMeVG9gYvgSYWyxZXIeYW5xK0RyqXMeRXteU3R1ZGyiplZ2nWRsY29hqGVhqF9xqXJuqGyiow01NlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYenWykRW5bYW5wZVBlZWJcZCfyMxYeMvfyMxYeZGVzYXVfqCZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNTJEMmImMwVGMmImMmqEN0I3MmMkMmpmMDM3MmtmNDMjMmA3RDqCNDMmMmMkN0Q3QwUmNUE0Nmp3NmQ1QTZENxM3MmVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwE1NmZDNmt1MwU3MmU2RwU5NTpmNTZBNUE1NwQlNmx1QTU3NEE3MDVBNDM0MTp2NDx0NDQ5Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmMTMlMmYmNwMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT00NS40OTx1Jzqyo0kiozp9LTpmLwU4NDtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAkLwAhNDx1MS42NCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFhZXR3o3JeLW4hY29gJTJDpGFsZwA2NDx2ZTpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI4YTywMGRyMzJvMvZwYaVmqGVlPTE2NTMlNTEjODY0MTQzn3ZsZW5wXmE9qXJfJTNEJTI1MxZaNacepGN6Z2ukZHIyMwUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFl
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
78923385d4847d8659898c2ec97902b8ffbb0d1ad3522c19e59f1192a509649e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dl-file.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
9936
/
wt.rqtrk.eu/ Frame 27B1 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=455845702&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=320ccd6ee26dd0ed1d01c6b9194fb816
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.102 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-001.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-type
image/gif
content-length
43
expires
Sun, 22 May 2022 20:24:45 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e7d976ba-c653-41a4-983d-9d0c2b298e72/gdpr=0/ Frame 27B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e7d976ba-c653-41a4-983d-9d0c2b298e72/gdpr=0/gdpr_consent=
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e7d976ba-c653-41a4-983d-9d0c2b298e72/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.199
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e7d976ba-c653-41a4-983d-9d0c2b298e72/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
ltm
audex.userreport.com/sync/put/ Frame 27B1 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=320ccd6ee26dd0ed1d01c6b9194fb816
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-24.jfk51.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Via
1.1 a751121faec5553b68a53cf4d4b7e9a6.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.20.0
X-Amz-Cf-Pop
JFK51-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
he7uEtzmEh3pI2ss-0wtg57wscSag71ls6lMWv6KCt8RNygVpnT93Q==
cm
trc.taboola.com/sg/lotame/1/ Frame 27B1 		43 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lotame/1/cm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1653251087.554510,VS0,VE12
x-served-by
cache-yul12834-YUL
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
tpid=41c84834-87df-4e67-95cb-1060735f6550
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 27B1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D41c84834-87df-4e67-95cb-1060735f6550%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6542586661939034833&pt=41c84834-87df-4e67-95cb-1060735f6550%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=41c84834-87df-4e67-95cb-1060735f6550
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=41c84834-87df-4e67-95cb-1060735f6550
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.3.60
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=41c84834-87df-4e67-95cb-1060735f6550
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 27B1 		0
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
x-content-type-options
nosniff
to-dmp-sync
s2b-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cache-control
no-store
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
70f846fb0a99cab0-YYZ
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
expires
0
tpid=a6f51a11-a94a-6492-c927-768e63be88f8
bcp.crwdcntrl.net/map/c=10098/tp=SRVT/ Frame 27B1
Redirect Chain
  • https://px.surveywall-api.survata.com/t
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=a6f51a11-a94a-6492-c927-768e63be88f8
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=a6f51a11-a94a-6492-c927-768e63be88f8
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.38.174
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Sun, 22 May 2022 20:24:46 GMT
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Server
nginx/1.19.2
X-Powered-By
Express
Content-Type
image/gif; charset=utf-8
Location
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=a6f51a11-a94a-6492-c927-768e63be88f8
Referer
px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection
keep-alive
Content-Length
0
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87599100878721057212117953507650655141/ Frame 27B1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87599100878721057212117953507650655141/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87599100878721057212117953507650655141/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.137
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-usw2-2-v028-07cd19e76.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
v/3YJEwnSo0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87599100878721057212117953507650655141/gdpr=0
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 27B1 		0
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:320ccd6ee26dd0ed1d01c6b9194fb816
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:45 GMT
Arr-Disable-Session-Affinity
true
Access-Control-Allow-Credentials
true
Cache-Control
max-age=60, private, must-revalidate
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
lotame
sync.sharethis.com/ Frame 27B1 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.174.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-174-164.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Sun, 22 May 2022 20:24:46 GMT
Content-Length
42
Stid
ZHsAAWKKnA0AAAAIEr7SAw==
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 27B1 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=320ccd6ee26dd0ed1d01c6b9194fb816
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.204.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-204-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1653251086
x-served-by
beacon-n014-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 27B1
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816
120 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Server
64.58.232.180 San Diego, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS14
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Sun, 22 May 2022 20:24:46 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=320ccd6ee26dd0ed1d01c6b9194fb816
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS15
Content-Type
text/html; charset=utf-8
Content-Length
217
qmap
sync.crwdcntrl.net/ Frame 27B1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213690604159013372131&gdpr=0&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213690604159013372131&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.11
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK51-C1
location
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213690604159013372131&gdpr=0&gdpr_consent=
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
zUDhNiuXDP6tIAiy89yW08-xpleboiQBSellzt5-_lySyjfVBA4QPw==
expires
0
match
ps.eyeota.net/ Frame 27B1 		70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=51mdg9u&uid=320ccd6ee26dd0ed1d01c6b9194fb816&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
tpid=CI-989b7e35b2ac3e85bb0e16f979d93d2f
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 27B1
Redirect Chain
  • https://dt-secure.videohub.tv/v1/usync/lo
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-989b7e35b2ac3e85bb0e16f979d93d2f
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-989b7e35b2ac3e85bb0e16f979d93d2f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.47.216
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-989b7e35b2ac3e85bb0e16f979d93d2f
Date
Sun, 22 May 2022 20:24:46 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 27B1
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D363%26tp%3DADGR%26tpid%3D__AG_UID__%26gdpr%3D0
  • https://cm.adgrx.com/bridge.gif?AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D363%26tp%3DADGR%26tpid%3D__AG_UID__%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=363&tp=ADGR&tpid=38f5cf0e-da0d-11ec-a242-f3edface7b2c&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=363&tp=ADGR&tpid=38f5cf0e-da0d-11ec-a242-f3edface7b2c&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.74
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
server
Cowboy
Location
https://sync.crwdcntrl.net/qmap?c=363&tp=ADGR&tpid=38f5cf0e-da0d-11ec-a242-f3edface7b2c&gdpr=0
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-5
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
qmap
sync.crwdcntrl.net/ Frame 27B1
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=afb5628a-9c0e-4600-94cb-309c0e1eca58&src=lot&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=afb5628a-9c0e-4600-94cb-309c0e1eca58&src=lot&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.131
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Sun, 22 May 2022 20:24:46 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=afb5628a-9c0e-4600-94cb-309c0e1eca58&src=lot&gdpr=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:45 GMT
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341/ Frame 27B1
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.14.77
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
gdpr=0&_test=YoqcDgADRCjODwAj
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YoqcDgADRCjODwAj/ Frame 27B1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YoqcDgADRCjODwAj
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YoqcDgADRCjODwAj/gdpr=0&_test=YoqcDgADRCjODwAj
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YoqcDgADRCjODwAj/gdpr=0&_test=YoqcDgADRCjODwAj
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.194
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653251087.758843,VS0,VE0
x-served-by
cache-yul12821-YUL
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YoqcDgADRCjODwAj/gdpr=0&_test=YoqcDgADRCjODwAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 27B1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 27B1 		62 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=590e93753362f5bc5397770038085e5e
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2740194895956978880/ Frame 27B1
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/320ccd6ee26dd0ed1d01c6b9194fb816/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2740194895956978880/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2740194895956978880/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.46.34
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2740194895956978880/gdpr=0
pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=607378696
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6542586661939034833/gdpr=0/ Frame 27B1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=607378696
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6542586661939034833/gdpr=0/rand=607378696
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6542586661939034833/gdpr=0/rand=607378696
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C108%2C106%2C104%2C95%2C94%2C92%2C81%2C80%2C78%2C65%2C49%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.234
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
30a885b0-20ec-4c5b-8732-df99ff8b3fab
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6542586661939034833/gdpr=0/rand=607378696
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 05:50:56 GMT
x-content-type-options
nosniff
age
484430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 05:50:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 944E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:32:08 GMT
x-content-type-options
nosniff
age
348758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:32:08 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6542586661939034833
0
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=6542586661939034833
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
028ac0b4-fe32-4a50-a576-d23098f72d69
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=6542586661939034833
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://dl-file.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://dl-file.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
config
c.amazon-adsystem.com/cdn/prod/ Frame FDC3 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdl-file.com&pubid=968a0f5c-e5ed-4ba9-bf43-8be1f5b68988
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 17:17:30 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
server
Server
age
11236
x-cache
Hit from cloudfront
access-control-allow-origin
https://dl-file.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
QKYxWTFZZ15naac2_deBInxt_a1_HcfEj7AYwTAnj5Sku8aiLul4EQ==
auction
tlx.3lift.com/header/ Frame FDC3 		19 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&tmax=3000
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.2.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-2-123.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
accept-ch
sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame FDC3 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dl-file.com
date
Sun, 22 May 2022 20:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame FDC3 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dl-file.com
date
Sun, 22 May 2022 20:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ Frame FDC3 		1 KB
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU695QH7
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f956cadd21ce23cdc94a772e002a9de129b826e7540ac0d58d29729279e9b50b

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame FDC3 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://dl-file.com
date
Sun, 22 May 2022 20:24:46 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
bidRequest
c2shb.pubgw.yahoo.com/ Frame FDC3 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
48ab134bc1ea50c51d5cd492f8cc048ff541b1c1618bd920dcd039a8e2516945

Request headers

Referer
https://dl-file.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
content-length
66
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame FDC3 		67 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=29929282&componentId=prebid&componentSubId=mustang&timestamp=1653251086593&pKey=-1297934535&schain=1.0%2C1!network-n.com%2Cpa_f06496e7%2C1%2Ccb464307-f280-47b4-8d85-62b3dc819e20%2C%2C&loc=https%3A%2F%2Fdl-file.com%2F&playerSize=400x225
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.218 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://dl-file.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1653251086873008-266
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame FDC3 		67 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1653251086593&pKey=485943621&schain=1.0%2C1!network-n.com%2Cpa_f06496e7%2C1%2Ccb464307-f280-47b4-8d85-62b3dc819e20%2C%2C&loc=https%3A%2F%2Fdl-file.com%2F&playerSize=400x225
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.218 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://dl-file.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1653251086869036-300
bid
c.amazon-adsystem.com/e/dtb/ Frame FDC3 		202 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&pid=IKgqASpZfN5Fr&cb=0&ws=1x1&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A340%7D%5D&schain=1.0%2C1!network-n.com%2Cpa_f06496e7%2C1%2Ccb464307-f280-47b4-8d85-62b3dc819e20%2C%2C&pubid=968a0f5c-e5ed-4ba9-bf43-8be1f5b68988&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
a8863b4ddae3068273f0f50864673aa21d36ddc13d43170cdf18038a7b20f06e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
1G6TTKYES3N7SXPVAYV4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
202
x-amz-cf-id
P6YF3JaM0USkGA_jVaTiT5LmlF7JG3wb-hBXr8iPuvFlZ0DefkVm7g==
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwUmMwUkMDt2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTpjNwQ1NmIzrD00MDAzrT0lMwUzoXN0YT0kNmA3ODQjMCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJaJ2ow0xr1ZQX1JWTy9NQUNST30zYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA4NwU1NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
pr
s.amazon-adsystem.com/v3/ Frame 4001 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
611c4f19a053ecd742cfae6acb0180efeef466f5fa3ff0dea928e960256f3d7e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3403
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
477740J3DBJ9XYVGE64Y
5386
tags.bluekai.com/site/ Frame 1DBF
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHsAAWKKnA0AAAAIEr7SAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.943.23339%26cid%3Dc010%26cl...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
62 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/5386?id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

BK-Server
8754
Cache-Control
max-age=86400, private
Connection
keep-alive
Content-Length
62
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
Mon, 23 May 2022 20:24:46 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
221
content-type
text/html
date
Sun, 22 May 2022 20:24:46 GMT
location
https://tags.bluekai.com/site/5386?id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
vid627259e8bdcb7894907578.jpg
video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.jpg?cbuster=1651661732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
c742c7d5e9fb6770c470a0cd751986f27f0a6f7ef7366abbedcaed0b570ba75f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 518f46e79d9e7fee6a625c5924750956.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 10:55:32 GMT
server
Tengine
x-amz-cf-pop
SFO5-P1
etag
"7491a463a1ea4119dc8f72b62a4d02ef"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:46 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
29409
x-amz-cf-id
7TsyIavKCshwLTE-DV_ZF391fP8KZKFw4D2D8X5GFNpMx08jIlbSNg==
x-proxy-cache
HIT
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AP1XNGW55PWM4FQ22SB9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Date
Sun, 22 May 2022 20:24:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GBZNMDGZVC56SD63QT63
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Date
Sun, 22 May 2022 20:24:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WHWFAZMZWJR02632B8MH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
RdSqyktQVt6rt4P7hty_KH9tTTut6AYRVPKh-9Rnvyb98aHuxxhRMQ==
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PNDW4QS49ECQB19DWV1F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XGRVM7PPWMKBG9SSHQ23
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 20:24:46 GMT
ecm3
s.amazon-adsystem.com/ Frame 4001
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUYVS4ZUJBXUO...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=1Ys4HoGgsBHvDXk05p-c
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=1Ys4HoGgsBHvDXk05p-c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A9F4378Z67D3BK4WXN5F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=1Ys4HoGgsBHvDXk05p-c
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 41EB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3a6a563466752e1144c985d98e5134b282e4a1bd8f5f4e133a7f42b75b6e38bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 22 May 2022 20:24:46 GMT
etag
W/"028dd9ab37d13b4e84b16536f7174d218"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 581A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1815d6972f651869e5cccbacce9d4346e027e1868b4767fa2945484e5e6e4e6c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1507
Content-Type
text/html
Date
Sun, 22 May 2022 20:24:46 GMT
Dropped-Udsids
230|45|241|39|40|4|10|41
Expires
Sun, 22 May 2022 20:24:46 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
ecm3
s.amazon-adsystem.com/ Frame A95E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
3XBGXQ81RTBSK44XRR93

Redirect headers

content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
TAM
sync.inmobi.com/ Frame E5F8 		0
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame A1A7 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
eb8687e450cc1ed7e7b35a9139b242584e74372d14ab3a74efc8adce11425cf6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Sun, 22 May 2022 20:24:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 080B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131341
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 807E 		893 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.62.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-62-183.compute-1.amazonaws.com
Software
/
Resource Hash
681ee895370949f77dd63a92386b9747f4409eac446165b937bd49d5ad4a18ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
visitormatch
bh.contextweb.com/ Frame AFF8 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
934a2c110409796d1065c400609814230cb16f68f317bd5c7f930804c4236098
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-ph697
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 1BC5
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381419749697304055279
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381419749697304055279
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-Beeswax_smrt_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
69D0K5DZDSH0A95ERDXZ

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381419749697304055279
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
iu3
s.amazon-adsystem.com/ Frame A2C3 		342 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Beeswax_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4233fc987b55311c5816116368270bfd908b6a668a6761234cdb83bace1eb5e1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
342
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 22 May 2022 20:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q6V6QBS1CMV744FNRNGS
usermatchredir
ssum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJWT2eu5dnqK_FWfXIBmMA8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJWT2eu5dnqK_FWfXIBmMA8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJWT2eu5dnqK_FWfXIBmMA8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 581A 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0WMRP6MG2D4TQ45S50CT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&expiration=1655843086&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&expiration=1655843086&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&expiration=1655843086&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
rum
dsum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2740194895956978880
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2740194895956978880
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2740194895956978880
pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=671066848977
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=671066848977
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=671066848977
crum
dsum-sec.casalemedia.com/ Frame 581A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=38f5cf0e-da0d-11ec-a242-f3edface7b2c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=38f5cf0e-da0d-11ec-a242-f3edface7b2c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=38f5cf0e-da0d-11ec-a242-f3edface7b2c
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-5
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
ecm3
s.amazon-adsystem.com/ Frame 581A 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TC6BNBAQQ1QHHA67HPFS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie
cm.adform.net/ Frame 75ED 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 22 May 2022 20:24:47 GMT
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 80A9 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 22 May 2022 20:24:46 GMT
Etag
c4982b3c6a31df6a
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 3CA7 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 22 May 2022 20:24:46 GMT
Etag
c4982b3c6a31df6a
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 83AB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cARoN1Zi0F9JT8Xj9Aen&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cARoN1Zi0F9JT8Xj9Aen&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 22 May 2022 20:24:46 GMT
Etag
c4982b3c6a31df6a
Server
VertaMedia 1.0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 22 May 2022 20:24:47 GMT Sun, 22 May 2022 20:24:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cARoN1Zi0F9JT8Xj9Aen&pi=admatic&tc=1
pragma
no-cache
pbsync.html
js.adscale.de/ Frame 8096 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
5110
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Sun, 22 May 2022 18:59:38 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Fri, 20 May 2022 06:59:32 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
x-amz-cf-id
n2LRgeCwH_c-fklglD9l4KuCNCZF1UOhgEhuYTxiQD-wMz57g-NBlQ==
x-amz-cf-pop
JFK51-C1
x-amz-version-id
N6qgK1VIC9JSD.yt_eJIOKDhAzVT1mFo
x-cache
Hit from cloudfront
csync
sync.console.adtarget.com.tr/ Frame DB90 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:46 GMT
Server
VertaMedia 1.0
Etag
c4982b3c6a31df6a
Content-Length
43
Content-Type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame C68F
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
427a942fe9dae76d895c99b5f7d5e6f4e7e58531d25b5e3000ed83d0f7ea1a04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:47 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 22 May 2022 20:24:47 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:47 GMT
location
/um/cs&eq_cc=1
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2179f3c37347036e6dfd524e274f937e70f55c1f5295ce89f8d343643c85b482

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
via
1.1 google
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6542586661939034833
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6542586661939034833
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
37f815d9-1f59-4efd-adca-a52ae3c93636
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=6542586661939034833
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=257778268428343628&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 41EB
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&obuid=ENC(wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=wRNN9zFmbj05Oy0jR8voNmLbkkKQpi7GoxOsoVxWMMMSHqPnChEsqrazYAROY09Y
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&ssp=outbrain&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593732964967993940&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=41c84834-87df-4e67-95cb-1060735f6550&ssp=outbrain&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213690604159013372131&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964967993940&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964967993940&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964967993940&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e089b1a2-f48c-494f-8a43-d5117d11e68a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e089b1a2-f48c-494f-8a43-d5117d11e68a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=e089b1a2-f48c-494f-8a43-d5117d11e68a
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 41EB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189
Date
Sun, 22 May 2022 20:24:47 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 41EB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-EsF7E1BE2pf_h.ff6tYI7Nx2dfc6rtfKufft~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-EsF7E1BE2pf_h.ff6tYI7Nx2dfc6rtfKufft~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 22 May 2022 20:24:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-EsF7E1BE2pf_h.ff6tYI7Nx2dfc6rtfKufft~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=3941db53-da0d-11ec-9787-fd5140d466c9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=3941db53-da0d-11ec-9787-fd5140d466c9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=3941db53-da0d-11ec-9787-fd5140d466c9
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3941db55-da0d-11ec-9787-fd5140d466c9
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=AABB9ADACF7E4362BF7ABA6AC7CFC581
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=AABB9ADACF7E4362BF7ABA6AC7CFC581
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 22 May 2022 20:24:47 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=AABB9ADACF7E4362BF7ABA6AC7CFC581
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
771722461
access-control-allow-origin
*
content-type
text/plain
content-length
0
142
match.deepintent.com/usersync/ Frame 41EB 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:46 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame 41EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7&gdpr=0&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKZOM2EQ32HM5ZUESDWIRMGWMBVOAWWG
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1Ys4HoGgsBHvDXk05p-c
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1Ys4HoGgsBHvDXk05p-c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1Ys4HoGgsBHvDXk05p-c
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e2706e76-314b-4c21-be50-680abe016322
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e2706e76-314b-4c21-be50-680abe016322
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e2706e76-314b-4c21-be50-680abe016322
date
Sun, 22 May 2022 20:24:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1653251087407
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=FTsOektZjWnj&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=FTsOektZjWnj&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=FTsOektZjWnj&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686468cdff-ph697
expires
-1
usersync
usersync.gumgum.com/ Frame 41EB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7226180436008749240
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7226180436008749240
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7226180436008749240
date
Sun, 22 May 2022 20:24:46 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 41EB 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_c0ff111c-3347-493a-87ac-6fe27d4a00f7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W3QM7T3WH0JK74H9ZRA2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame AFF8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bDFiaGxCVGxMSjZ1bVhuWGp0Q3h2QQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOgP7WaMhQr0uGItTeT4bN0&google_cver=1
49 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOgP7WaMhQr0uGItTeT4bN0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-ph697
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOgP7WaMhQr0uGItTeT4bN0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame AFF8
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=79a49aec380b121a&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGbf7Vmj-2pAMswu6BAAAAAAA&expiration=1653337487&nuid=&is_secure=true
49 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGbf7Vmj-2pAMswu6BAAAAAAA&expiration=1653337487&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-ph697
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGbf7Vmj-2pAMswu6BAAAAAAA&expiration=1653337487&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame AFF8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr_in_effect=0&gdpr_consent=
49 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-ph697
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341&gdpr_in_effect=0&gdpr_consent=
date
Sun, 22 May 2022 20:24:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame AFF8 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=FTsOektZjWnj&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N54AB5NRYQSJGWS376N0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A1A7 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=00f5a4c2-8e7a-4507-ab2b-29856e0b6d7a
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EEXQMR841YX7GTDYFZ79
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame A1A7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=70d87672-d46b-46ef-a42e-6a527caea7db&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=70d87672-d46b-46ef-a42e-6a527caea7db&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track001-iad
Pragma
no-cache
Date
Sun, 22 May 2022 20:24:46 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=70d87672-d46b-46ef-a42e-6a527caea7db&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
296
Expires
-1
v1
match.sharethrough.com/sync/ Frame A1A7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame A1A7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame A1A7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YoqcDgADRCjODwAj
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YoqcDgADRCjODwAj
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653251087.335271,VS0,VE0
x-served-by
cache-yul12821-YUL
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YoqcDgADRCjODwAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 807E 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g446a9ba13a782515297&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X6TH2NQ8N1C75CYNKHAW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 807E
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
28dfdc15-84ed-419b-8414-a2bd61d0dfac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4983e6c4-93c4-4e1f-8184-95ad20b0c07f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 807E
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAC6uk7FFTgAACrN1omqBg&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Sun, 22 May 2022 20:24:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 807E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=e7d976ba-c653-41a4-983d-9d0c2b298e72
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=e7d976ba-c653-41a4-983d-9d0c2b298e72
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=e7d976ba-c653-41a4-983d-9d0c2b298e72
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 807E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=hGUazrWaT_Zaxy0IAWSSGJU4mb0
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=hGUazrWaT_Zaxy0IAWSSGJU4mb0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=hGUazrWaT_Zaxy0IAWSSGJU4mb0
Date
Sun, 22 May 2022 20:24:47 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 807E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=FTsOektZjWnj&ev=1&pn_id=pp&pid=561118
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=FTsOektZjWnj&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.221.62.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-62-183.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=FTsOektZjWnj&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686468cdff-ph697
expires
-1
usersync
usersync.gumgum.com/ Frame 083A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
Sun, 22 May 2022 20:24:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master iad-pixel-x19 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 9456
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YoqcDgADRCjODwAj&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YoqcDgADRCjODwAj&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 22 May 2022 20:24:47 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YoqcDgADRCjODwAj&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1653251087.077854,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5534 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMGZmMTExYy0zMzQ3LTQ5M2EtODdhYy02ZmUyN2Q0YTAwZjc=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F1D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131340
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame B253
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=e7d976ba-c653-41a4-983d-9d0c2b298e72&t=1655843087
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=e7d976ba-c653-41a4-983d-9d0c2b298e72&t=1655843087
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
209
content-type
text/html
date
Sun, 22 May 2022 20:24:47 GMT
location
https://rtb.gumgum.com/usersync?b=ttd&i=e7d976ba-c653-41a4-983d-9d0c2b298e72&t=1655843087
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 93F7
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=6542586661939034833&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=6542586661939034833brt77451653251087190954b2
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6542586661939034833brt77451653251087190954b2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sun, 22 May 2022 20:24:46 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=6542586661939034833brt77451653251087190954b2
usersync
rtb.gumgum.com/ Frame 9DA5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YoqcD8Co8XgAADv0D44AAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YoqcD8Co8XgAADv0D44AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 22 May 2022 20:24:47 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YoqcD8Co8XgAADv0D44AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
18
X-SO-HostName
a-ad40334.dc2p.scaleout.jp
X-SO-IP
149.56.153.189
X-SO-Key
YoqcD8Co8XgAADv0D44AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":false,"ipv4":"149.56.153.189","key":"YoqcD8Co8XgAADv0D44AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40334"}
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40334
usersync
rtb.gumgum.com/ Frame 47BF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=cARoN1Zi0F9JT8Xj9Aen&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=cARoN1Zi0F9JT8Xj9Aen&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.145.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 22 May 2022 20:24:47 GMT Sun, 22 May 2022 20:24:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=cARoN1Zi0F9JT8Xj9Aen&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 4D37
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 22 May 2022 20:24:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dl-file.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		127 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4124736697175395&correlator=3682408994290563&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&gdpr=0&addtl_consent=1~&us_privacy=1---&iu_parts=6928793%2Cdl-file-61deae48ca228%2Cdl-file-LB2-61deb04e3ea83%2Cdl-file-LB1-61deb048709e3%2Cdl-file-LB3-61deb05c0f307&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4&prev_iu_szs=728x90%7C3x1%2C1x1%7C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90&ifi=1&adks=1698332873%2C3518616171%2C2335164498&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26permutive%3D61374%252C79775%252C80197%252C80416%252Crts%26refresh%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1653251087154&lmt=1653251087&dlt=1653251084432&idt=881&biw=1600&bih=1200&adxs=436%2C436%2C436&adys=1110%2C522%2C723&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1%7C970x0%7C970x0&msz=728x-1%7C970x0%7C970x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1924886024.1653251085&ga_sid=1653251087&ga_hid=1696956645&ga_fc=true&btvi=0%7C0%7C0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
3729f3da6b6b376b9d7f1d598260bb6a9446ac614941d52c315cda862b065915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25586
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dl-file.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bcc3e15dd7001a3a2d104aabe7513c975d5de6b56cdff1e34236aaebee053e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10652
x-xss-protection
0
container.html
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C560 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:47 GMT
expires
Mon, 22 May 2023 20:24:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auction
intake.pbstck.com/v1/intake/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=f2521fbf&tId=87deb108-4e58-4efe-a82c-59315f7609e1&c=3&ctr=US
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
70f846ff0e90ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pr
s.amazon-adsystem.com/v3/ Frame 44C0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Beeswax_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8fe184cb6a5761c1b76354b18dc69130f1efc9e3fb47e9e35ee93703c8a8ed4e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Beeswax_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_3lift_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2467
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
WNDYZ42DJBYYYNM8R834
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FDC3 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cda85a280e188db156f410eff63fb211c8191389e0012a6350946dd1804b817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Sun, 22 May 2022 20:24:47 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwUmMwUkMDt2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTpjODtmNmUzrD00MDAzrT0lMwUzoXN0YT0kNmA3ODQjMCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqzyxX2F0nT1xoC1znWkyLUyhp3RlZWFgLU5iqzEgQ29lZTEgNwFxZWIlMTFxYmRvOCZ1p2VlSXBBZGRlPTE0OS41Nv4kNTMhMTt5JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlOGE5YmBxZTJvYwIzpaZhPTElMTUjJzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NTMlNTEjODplOTtzqWyxPVNyn2yhZG9TUGkurWVlNwI4YTywMGUkMTp3YlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:46 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
crum
dsum-sec.casalemedia.com/ Frame C68F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=ffb1dd88-779e-45e3-bfd0-31f6fc593266&expiration=1661199887
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT
usync.js
eus.rubiconproject.com/ Frame 4D37 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b513f20f35c4a08a1922a5476b764b7ef88ed1358fd082fb1dc609c0d901337e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 17:10:31 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13304
content-type
text/html; charset=UTF-8
content-length
9448
expires
Mon, 23 May 2022 00:06:31 GMT
uu
ih.adscale.de/ Frame 8096
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1653251087
  • https://ih.adscale.de/uu?cbfn=receive&t=1653251087&nut&uu=5e6f3911535f43f0861f27ff82c9607d
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1653251087&nut&uu=5e6f3911535f43f0861f27ff82c9607d
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68f50c408598f3856dcda898100b22e244eee84aac580f66453d4ed14943776f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1653251087&nut&uu=5e6f3911535f43f0861f27ff82c9607d
date
Sun, 22 May 2022 20:24:47 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 44C0
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VZRDQ199GKMDCDAAA7N0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:47 GMT
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7033f0a3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
g5QfXdHHD1IWUJ3at6uChuDAZqCXVdcsRCu8MONiDVK5GOridvi-LA==
ecm3
s.amazon-adsystem.com/ Frame 44C0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RS7RC0M6QE72PDP7HCP0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 44C0
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W58209J6V74RJP4MCHM7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 22 May 2022 20:24:47 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=598588BF699A41FFBCD52BD1BAC4F1E6&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 20:24:47 GMT
ecm3
s.amazon-adsystem.com/ Frame 44C0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
13TSGG9CWVYYBN8B3ECZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAC6uk7FFTgAACrN1omqBg&ex=beeswax.com
Date
Sun, 22 May 2022 20:24:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 44C0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJRLFZTISDPI5TXGQSIOZCFQ...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=1Ys4HoGgsBHvDXk05p-c
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=1Ys4HoGgsBHvDXk05p-c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7D49CQWDG82A3RRHQ045
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=1Ys4HoGgsBHvDXk05p-c
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 20:24:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D5CF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8bbd369ccba4dbba79e6b2c836c2f059d5a66544a2cba95a67a113141219d9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1646
Content-Type
text/html
Date
Sun, 22 May 2022 20:24:47 GMT
Dropped-Udsids
73|46|206|130|24|156|41|3
Expires
Sun, 22 May 2022 20:24:47 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
match.sharethrough.com/jwumXNuB/v1/ Frame 8776 		427 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
eb8687e450cc1ed7e7b35a9139b242584e74372d14ab3a74efc8adce11425cf6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Sun, 22 May 2022 20:24:47 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0AC4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131340
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame CAB3 		651 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.62.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-62-183.compute-1.amazonaws.com
Software
/
Resource Hash
9fac92071eeb81d6c1e61ed50e2b4ce6e6841473f4afad1de21ad2f99fb99afb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
visitormatch
bh.contextweb.com/ Frame D355 		455 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
2f966062c4b3c885f3ffc07dd1ec451fcfb01892cab5cb26755911ff89b70ca6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
455
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-ph697
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 7919
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-LoopMe_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_ppt_n-Beeswax_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 22 May 2022 20:24:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
GDM3Z1KW4GCAZ89AYM96

Redirect headers

content-length
0
date
Sun, 22 May 2022 20:24:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7226180436008749240&gdpr=0&gdpr_consent=
usync.html
eus.rubiconproject.com/ Frame 7988
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:47 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 22 May 2022 20:24:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame F57B 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
158198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 00:28:09 GMT
expires
Sun, 21 May 2023 00:28:09 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FDC3 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 20:24:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7B11 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 May 2022 21:06:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 8776 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=00f5a4c2-8e7a-4507-ab2b-29856e0b6d7a
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZWZZKHS8SZG3TX6E31FN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8776
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
307
Expires
Sun, 22 May 2022 20:24:47 GMT
v1
match.sharethrough.com/sync/ Frame 8776
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 8776
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 8776
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6542586661939034833
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6542586661939034833
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.124.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-124-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f667780e-9349-429f-823c-23766cb6b2c3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6542586661939034833
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D5CF 		43 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:ee0e:7d4f:fdcd:65ce Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame D5CF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6542586661939034833
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6542586661939034833
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ba466bc-7546-4479-bec0-609d096aab88
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6542586661939034833
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D5CF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
43 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a02:ee0e:7d4f:fdcd:65ce Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
date
Sun, 22 May 2022 20:24:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame D5CF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC6uk7FFTgAACrN1omqBg&expiration=1654460687
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC6uk7FFTgAACrN1omqBg&expiration=1654460687
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC6uk7FFTgAACrN1omqBg&expiration=1654460687
Date
Sun, 22 May 2022 20:24:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame D5CF
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=09a5d017-5eaf-4f20-8c99-f6f092fcae3d&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=09a5d017-5eaf-4f20-8c99-f6f092fcae3d&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=09a5d017-5eaf-4f20-8c99-f6f092fcae3d&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 22 May 2022 20:24:47 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame D5CF
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=70d87672-d46b-46ef-a42e-6a527caea7db
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=70d87672-d46b-46ef-a42e-6a527caea7db
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Sun, 22 May 2022 20:24:26 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=70d87672-d46b-46ef-a42e-6a527caea7db
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
bridge
cm.adgrx.com/ Frame D5CF 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.85 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame D5CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:47 GMT

Redirect headers

Date
Sun, 22 May 2022 20:24:47 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:46 GMT
ecm3
s.amazon-adsystem.com/ Frame D5CF 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6AWGCAD27GEHHA2339E8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CAB3 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g446a9ba13a782515297
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6P3HKETS2GXF4GS29D92
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame CAB3
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
95fa6e84-6703-4229-9a6e-ccd9597c0cf5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d44d9273-d5d5-462d-ad06-c3d49975be82
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame CAB3
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=50aae929-4949-402d-be95-e0a3492c1ff4&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Sun, 22 May 2022 20:24:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame CAB3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/yieldmo?&cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3F...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHUYVS4ZUJBXUOZ3TIJEHMRCYNMYDK4BNMM
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=1Ys4HoGgsBHvDXk05p-c
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=1Ys4HoGgsBHvDXk05p-c
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:47 GMT
P3p
CP="We do not support P3P header."
Location
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=1Ys4HoGgsBHvDXk05p-c
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
96
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7988 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b513f20f35c4a08a1922a5476b764b7ef88ed1358fd082fb1dc609c0d901337e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:47 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 17:10:31 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13304
content-type
text/html; charset=UTF-8
content-length
9448
expires
Mon, 23 May 2022 00:06:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D73B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
67277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 01:43:30 GMT
expires
Mon, 22 May 2023 01:43:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 33EB 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74a42ff4548bc4979579dbfa71c05883545ab9e446cb11eb70c225d86bb3b713
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sAvUPhzb0iUMQAELbO17Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-sAvUPhzb0iUMQAELbO17Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:47 GMT
expires
Sun, 22 May 2022 20:24:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F6C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:47 GMT
expires
Mon, 22 May 2023 20:24:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012204292129000/ Frame 6FB9 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61295
x-xss-protection
0
server
sffe
date
Thu, 19 May 2022 17:08:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c00c4adb72e5cb7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 May 2023 17:08:07 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 6FB9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
390912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"176361d496ccc411"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 07:49:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 6FB9 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
419046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 00:00:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4b15b3c971f95798"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 00:00:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 6FB9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
390912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a2652581fdabc981"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 07:49:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 6FB9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
419044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12953
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 00:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8a2450dae6a66803"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 00:00:43 GMT
css
fonts.googleapis.com/ Frame 6FB9 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84dd9744aa86f730a4ab26fc381f63b06f4307811addf56229eb26f2752b2ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 19:43:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 20:24:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 20:24:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012204292129000/ Frame AA48 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61295
x-xss-protection
0
server
sffe
date
Thu, 19 May 2022 17:08:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c00c4adb72e5cb7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 May 2023 17:08:07 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame AA48 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
390912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"176361d496ccc411"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 07:49:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame AA48 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
419046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 00:00:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4b15b3c971f95798"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 00:00:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame AA48 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
390912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a2652581fdabc981"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 07:49:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame AA48 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
419044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12953
x-xss-protection
0
server
sffe
date
Wed, 18 May 2022 00:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8a2450dae6a66803"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 May 2023 00:00:43 GMT
css
fonts.googleapis.com/ Frame AA48 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 18:37:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 20:24:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 20:24:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 08:32:25 GMT
x-content-type-options
nosniff
server
cafe
age
42742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 23 May 2022 08:32:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FB9 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:42:32 GMT
x-content-type-options
nosniff
server
cafe
age
16935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 23 May 2022 15:42:32 GMT
l
www.google.com/ads/measurement/ Frame 6FB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4hjDrLxmYjW3F3xvcrF9fs3LjBbD9KsWzpPg8JzIuisUbEoSxiaLbky1FABILRNC9GQWk_IQOo--yjU_mR1tw3nz0OA
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
B10404391.335547989;dc_pre=CLCQ4J748_cCFd6Pswodh2kMKA;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame 6FB9
Redirect Chain
  • https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=3019014028&c3=N349404.134426GOOGLEDISPLAYNETWO-335547989-170824783&creative=170824783&redirect=~{https://ad.doubleclick.net/ddm/trackimp...
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_pre=CLCQ4J748_cCFd6Pswodh2kMKA;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_r...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_pre=CLCQ4J748_cCFd6Pswodh2kMKA;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Server
142.250.80.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10404391.335547989;dc_pre=CLCQ4J748_cCFd6Pswodh2kMKA;dc_trk_aid=527452052;dc_trk_cid=170824783;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6FB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSiEeD5yKYty2Ds-UmwSzvr-QCrCk2Zxq56P_ruQP2dkeEAEg-fCnVWDJhv-H8KPsEqAB8PCV-gPIAQbgAgCoAwHIAwqqBK4CT9AD4gZNqcSLGrOmrSQ5xWPfnTiItTDrHNw6blqd-2ZjAYb0OS7tssfCAqp-b47rNg4wI9RkbdKEmeTbogkY038fibx0DPto4b8CZ1iRVEw_pHET5C5_9BF_DzKxrxcmmbSNF3FbuT0A6sl8Wg5HsQRlVU6clPVMTwS5iaxrM1ecQMwUO4jqUJJWg95xP3fX8cgiqCPAENljLtmASk6gkcM9n-QdmXEcfN9Pf2EAnbW_wMwBP-xIGxSfloDZvkOkHqjIdfS4Pw8bi3FwYqzyr0X3nXjeJVjjYqwC4qbwIYanxPe5zVjP_X0XMhevUyuhhvp08W8VjBac664LB0M_tAEGV1S73rUvU1TEx1TjxrgrH0HKRfRGplIwrvxqBV-I4R06NKtoeKn2TYqgtKzABM7_9vXvAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfjkOw0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcFEIbVjwHSCAcIgGEQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTIxNDUxMzgzNDUyNDI2NTEYieMN&sigh=R1zagcJSEAE&uach_m=[UACH]&template_id=493
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA48 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 08:32:25 GMT
x-content-type-options
nosniff
server
cafe
age
42742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 23 May 2022 08:32:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA48 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:42:32 GMT
x-content-type-options
nosniff
server
cafe
age
16935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 23 May 2022 15:42:32 GMT
l
www.google.com/ads/measurement/ Frame AA48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR01spC53JAa-eCEiynG9JMLpmlH2hNLA6QyESpg2ObLuvQK3u0DdP_PqtCiqcsHXnvqWZVbSK3td_CdpN4yUTO7WS4Bw
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame AA48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTHSkD5yKYt22Ds-UmwSzvr-QCpvFsYZq5OOz4LIPwrORmJ8jEAEg-fCnVWDJhv-H8KPsEqAB8Zqg0AHIAQHgAgCoAwHIAwqqBKwCT9CCD55v4cgJdvthlkL4OJ7kARn2ujXYCdCW4kGNqRPztSNTHZqO4IUqqHMYSzt-FkW4Bnwl3pv1HToH9M7qtqr9hfMB25zYqGDglSY-ZWnzMBkvmc1EkjlARyRnKSwlG8LS1MMev0F6_tcDIeQvdoehNxtNUiV6Oyan8ufaROPHf0KTgjqIQqNAwVcslHgxc3UKeWsyqHlgbQBmdrZVRLzhKU8LhgqjxZDvOujAaZ9_o7TvH67qCf77I6S8RZah5c-T9f7YVpZ6lU4CT4X_XUWikXmJX3y0E740CqRI6K7JSPaz0qARJiQkntPzHKwDDS07P1l95sftYz4pwAnmXDCQZI1R7aY4YLDNOs6u2aCfuY9l6Idr8HTYIj_koJbAqkfW7b1hL-HeNqmhwATvrJbD8QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDPjDXSCAcIgGEQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTIxNDUxMzgzNDUyNDI2NTEYieMN&sigh=ovZZY7KPBOw&uach_m=[UACH]
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
setuid
mp.4dex.io/ Frame 7988
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=L3HR0EPW-1N-ILOC
  • https://mp.4dex.io/setuid?bidder=rubicon&uid=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined
0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp.4dex.io/setuid?bidder=rubicon&uid=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
70f84706ab0c4bbe-YUL
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://mp.4dex.io/setuid?bidder=rubicon&uid=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
4144315588781383508_930549505690833831.jpeg
static.doubleclick.net/dynamic/5/172991532/ Frame 6FB9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/172991532/4144315588781383508_930549505690833831.jpeg
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e46c422d4a03b593c47b53069c195b002ab0a268332459806acca1722a726960
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 11:28:06 GMT
x-content-type-options
nosniff
age
550602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19085
x-xss-protection
0
last-modified
Sun, 31 May 2020 08:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 11:28:06 GMT
14844484113327869233
tpc.googlesyndication.com/simgad/ Frame 6FB9
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDb8PbwdhCQAxiQAzIIOcJediJBM0Q
  • https://tpc.googlesyndication.com/simgad/14844484113327869233
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14844484113327869233
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H3
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b68d25fc4784f00a3daa7012ac706ae0c65291ff860f42230e4c4c969274c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 18:33:24 GMT
x-content-type-options
nosniff
age
265884
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30558
x-xss-protection
0
last-modified
Wed, 20 May 2020 15:11:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 May 2023 18:33:24 GMT

Redirect headers

date
Sun, 22 May 2022 13:11:13 GMT
x-content-type-options
nosniff
server
cafe
age
26015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/14844484113327869233
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 21 Jun 2022 13:11:13 GMT
truncated
/ Frame 6FB9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6425fa89c6564d8cea3c421b76e1dcd3b8e0be9e7ecc2a459cc8e1ec45853992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6FB9 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 22:12:02 GMT
x-content-type-options
nosniff
age
425566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 22:12:02 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6FB9 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 23:04:02 GMT
x-content-type-options
nosniff
age
422446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 23:04:02 GMT
truncated
/ Frame AA48 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f352f8642d3a05d1b7f00c069700afcde001d78078301798bd3fcf6d342b8ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame AA48 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dl-file.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 08:44:53 GMT
x-content-type-options
nosniff
age
473995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 08:44:53 GMT
userconnect.js
js.adscale.de/ Frame 8096 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Byir_E0CYOUzkNk2AEI4MYKYdNAc1ZB0
content-encoding
br
last-modified
Fri, 20 May 2022 06:59:32 GMT
server
AmazonS3
age
5111
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 22 May 2022 18:59:37 GMT
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
Jpvi_-lMJl6TF37y7R9NWv4ZPivTh179E0LxhKofNgTXg4RnKy6dHw==
csync
sync.console.adtarget.com.tr/ Frame 8096 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=5e6f3911535f43f0861f27ff82c9607d
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:47 GMT
Server
VertaMedia 1.0
Etag
c4982b3c6a31df6a
Content-Length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2928 		645 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:24:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3F6C 		56 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbd7c14c120518c40e2d08171fe88510b8f219eb9ccac919ea0178bbf0e58121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27529
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F6C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdGlqwUzkD8cC5_nKep8PYGr83NsDYPwSBsF8wEm0C9i5O2wNVHbrEfl0fGEqW4zF-GzlbPUdcWmNRZfYttMv8k5h7YyxGhHHaJE23hEE7bj-TGfo
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3F6C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:24:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F6C 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 20:24:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3F6C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:08:02 GMT
l
www.google.com/ads/measurement/ Frame 3F6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzqe_GVQC_uFeX0Da89aoSJXBr0rUGwLXYoVJrB6_hYAFCouZy-2xYroXWzE5P4ok89EEL3EqZj83LgJ9_Jdr1VOVGAw
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
integrator.js
adservice.google.com/adsid/ Frame FDC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dl-file.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 33EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051701&jk=4124736697175395&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 7988
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL5aYXhBao3ENd_zlgtrhxs&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL5aYXhBao3ENd_zlgtrhxs&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL5aYXhBao3ENd_zlgtrhxs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7988
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HR0EPW-1N-ILOC&gdpr=0
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HR0EPW-1N-ILOC&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DD595022E2564EE28FC89E1E06D28598 Ref B: YTO01EDGE0818 Ref C: 2022-05-22T20:24:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfn4PaQTxcwx1osE3F3g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HR0EPW-1N-ILOC&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7988
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TqXCD5RRSROwi3cRWl45JQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TqXCD5RRSROwi3cRWl45JQ&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TqXCD5RRSROwi3cRWl45JQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JJVN24N8936KV2AR6YYT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TqXCD5RRSROwi3cRWl45JQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7988
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIUjBFUFctMU4tSUxPQw==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIUjBFUFctMU4tSUxPQw==&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIUjBFUFctMU4tSUxPQw==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 7988 		42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame 7988
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3HR0EPW-1N-ILOC&sigv=1&esig=2~47f43636bab3711ad981f94c336ac705c919edfe&gdpr=0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3HR0EPW-1N-ILOC&sigv=1&esig=2~47f43636bab3711ad981f94c336ac705c919edfe&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3HR0EPW-1N-ILOC&sigv=1&esig=2~47f43636bab3711ad981f94c336ac705c919edfe&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7988
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Mzg5MTI5YzIwYjJkZDc0YmIyMjMyOWU3MWRhYTQ4MzdiNGVmM2NkZA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Mzg5MTI5YzIwYjJkZDc0YmIyMjMyOWU3MWRhYTQ4MzdiNGVmM2NkZA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Mzg5MTI5YzIwYjJkZDc0YmIyMjMyOWU3MWRhYTQ4MzdiNGVmM2NkZA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7988
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=L3HR0EPW-1N-ILOC&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L3HR0EPW-1N-ILOC&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CP4ZWAGTH7N7HXFA8NMB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L3HR0EPW-1N-ILOC&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame AA48
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js
pagead2.googlesyndication.com/bg/ Frame D73B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
8cd21f4c9389629b19f7c43ca8bfada53dce68951431d788562c9c5af148971b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
96235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 17:40:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA48 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 08:32:25 GMT
x-content-type-options
nosniff
server
cafe
age
42743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 23 May 2022 08:32:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA48 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:42:32 GMT
x-content-type-options
nosniff
server
cafe
age
16936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 23 May 2022 15:42:32 GMT
userconnect
ih.adscale.de/ Frame 8096 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1653251088339&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
content-length
149
content-type
application/javascript
rum
dsum-sec.casalemedia.com/ Frame 2928
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2928
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoqcDqa9EIQ3upvl3ZMnoAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwGW-nXm2W_q2QhlTf_IKA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2928
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAKET96YFvAGFRZp8MzIMLc&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAKET96YFvAGFRZp8MzIMLc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Protocol
HTTP/1.1
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c4ec271-8aea-418c-8942-81de09bc91ac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAKET96YFvAGFRZp8MzIMLc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2928
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0MjU4NjY2MTkzOTAzNDgzMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0MjU4NjY2MTkzOTAzNDgzMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGPGBy8kBMAE&v=APEucNVGwfspoUAQaAmp6zIenkl36FWUW4RBNJq86GD0yvp9RFAZKSGp1puEVfepCb8ciylQZsnN1pPK_dKcaYHI-TV2hAIqjhOIVPyp2l_Aq18W_2zAysQ
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
de89e111-1618-4d8a-ba41-8bd4dc338c76
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0MjU4NjY2MTkzOTAzNDgzMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
212.json
id5-sync.com/g/v2/ Frame FDC3 		453 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
f9de1c59e2a76d260d705eeae08619d081c6d54d6fe3472ff24f8db710ab9105
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
rid
match.adsrvr.org/track/ Frame FDC3 		108 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
577983078a2d578d1c09ed92a60880fe74ae7f1e51acb5e4d0c3e4df8b313e5a

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dl-file.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 21 Jun 2022 20:24:48 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 59EA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160887
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131339
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame BB45 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
452061c22c8900b9901d8c78db4d1f66cc20aceda0550e3e76cf11645b9ad155
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=154588
content-encoding
gzip
content-length
11513
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:48 GMT
expires
Tue, 24 May 2022 15:21:16 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 779F 		1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
91a0cd4a7f067c4bf11fc6887d01d96ac270a9012c5b559c8399f234ee443d22

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:48 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-registering
ads.stickyadstv.com/ Frame FDC3
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9af8fd9778abb37615ecf8cae54ca25&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=h8021_7100659355036967084&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e7d976ba-c653-41a4-983d-9d0c2b298e72
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWFmOGZkOTc3OGFiYjM3NjE1ZWNmOGNhZTU0Y2EyNQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIYZAPEgPXgf304o6EYYzes&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAC6uk7FFTgAACrN1omqBg&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9af8fd9778abb37615ecf8cae54ca25?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bUcPrg9E2oMMDuQnlXpgRv2cARdAzhPBPr95Nb5v~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=xaBBc4a91NSS895
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=38f5cf0e-da0d-11ec-a242-f3edface7b2c
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6542586661939034833
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6795743&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=3941db53-da0d-11ec-9787-fd5140d466c9
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
0
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3F6C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10463
x-xss-protection
0
server
cafe
etag
17671883673189222985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:21:12 GMT
17245317257952814385
s0.2mdn.net/simgad/ Frame 3F6C 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17245317257952814385
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88812dad7efd4fa7d0b0fe1c56e5316423650137bd9c85edf3a945ae3e44dc54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 04:06:31 GMT
x-content-type-options
nosniff
age
317897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62304
x-xss-protection
0
last-modified
Tue, 03 May 2022 22:44:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 04:06:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 3F6C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:18:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3F6C 		0
397 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLB23vtYSAP_4Fy0mnaGkzHfeXSNpMZeCmEcfSWLUvACc-V-hPG9RiHeSyh7NN9q0FS9Y6vuhpag8yyDmjafts-FkgFtDqes9vSKqRXeSU-p937LUN_u6bOkcNCmDO3PK6ey6PC_ACnSkLHSLcBMCogi5YlVUKlseAiEvU91pNjpFDgCUo-mZuHpDHmgXdWJ6HLpkBxOF1h7xjwd2vnarnGW316JzyiasBu49kwXjloxlDnVCOD8Xe6PHseptI4m6y6If1jXOzf-r8pD9EngUkuU8nCzBzv9M2sLdJ380Sn6LfUZ62eOK3KxsybN4qxmV9665GYQ0g-DNy3kFyQmFEucFwxxDo6dG2nY17iG3xajWNfEC4b0idHDo19grLoA9C5KL8XOFQQU05dLGEVSlcoo8xtx3tiwk-70K8KDSCTfCif5DyTtap-_Uk7rUDgaRg8DyXXfSWt7h3xK5JL3VGmdZ00huZXWePe7jCgwHPuVcWTMT7Dc_jmHAHLClJTwN8tWp5FcX_saP4jxZpjkbSw4emtz0RGrJJNek3OsKUpN9akOCNHaqbg1W1j86rLIDAk_XNgEh5wBvPCNQ_O92RuXaOMf01zXM-gWfIQidI0qGeCtLK7k3dAsRPMj9X1_Q32NGwoMQ3gYfwNM--DL44Dvkp27ze_752t-swmN16r23gJYOUcZxyfar7AAwfJWyTnUz0redTeDmjQixNoYr7HQVE18ttcYuKLwVJN-11OxVuiFin-v50ysrpEoDt2UBZdyNBWUPiGdO40rxsEQkEgY0V1G0KJB8bO0KiH2zl5Dipu_ZUqamSGZit8fNKQkBHTusSSP0EuNZ5u9r1nz9Nh72c5gFwZNs548EYlR2QGbiSuPHeaSp3Sjt4dIql9ys42FxlGhFSkhVBgX5l37fWc5nbA6fsUf4ZTsUe89-0DM8Ks4WvyONViDlwiXtV5htwRiqjyWdcuKGRcKaHeCt9-Fcj5PyXxjkPHUD3q1qcpZgSnknxYW9o3YhjOY5VOckp7ENdFHVJBzissygyZb0mI63oUIrLAYZ95jzmRfZtHT2_u4j_xPBiUT0sG46p3rvW0FrTkQSGfNeJjaTh8l6IVi9bUFfsvfbw7VB3QNYRcO_4jO_YGz9wOJJ9e-FlCjhFZjHJ7Pd055ExpAK-4oFYuhIhmWxtpsYQ9fsf6ZvQ1-cGEOUZ2E3irninw79N&sai=AMfl-YQ3cVItFb8EnLi9Q3tlryL483PoX9uHuGrDb9jRbH7-LB16Qg6ToXT7D8o5M-n_tZi3vpQIM4sUhwWxyR4H1Wk-vSd6yzLUcHzSnJkaMdKZ-p39_aGdsi35trGp_UEz-xsrM0v1Hej_qjI8kg5ABY8_YGKcebGqAAf9M37FhrFSFY1lnrWdlWkJlkESVXbGu8JICPQTJEmuEMkoiB3kpe_R&sig=Cg0ArKJSzF1CMmUhQwxQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220518.21593&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 22 May 2022 20:24:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3F6C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 01:42:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 01:42:51 GMT
xuid
eb2.3lift.com/ Frame 779F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e7d976ba-c653-41a4-983d-9d0c2b298e72&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e7d976ba-c653-41a4-983d-9d0c2b298e72&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e7d976ba-c653-41a4-983d-9d0c2b298e72&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 779F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 779F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK1CeBm196VWcWYv8S8TH9Q&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK1CeBm196VWcWYv8S8TH9Q&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK1CeBm196VWcWYv8S8TH9Q&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 779F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5
date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 779F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=381419749697304055279&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=381419749697304055279&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5c9075e3-9435-48cf-b048-2b3e8c7caa32&_noobservation=1
43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5c9075e3-9435-48cf-b048-2b3e8c7caa32&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f847092ac65479-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Sun, 22 May 2022 20:24:48 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 51210CC4AD0641E388D4E83EC3FFFB32 Ref B: YTO01EDGE0818 Ref C: 2022-05-22T20:24:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5c9075e3-9435-48cf-b048-2b3e8c7caa32&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfn4PeeLVzGMrShfEqbg==
xuid
eb2.3lift.com/ Frame 779F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/381419749697304055279?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CHp_CjpE2oTYB4Bf_5GCoMJhrGkgYuOX_pDsgRkkkg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CHp_CjpE2oTYB4Bf_5GCoMJhrGkgYuOX_pDsgRkkkg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 22 May 2022 20:24:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CHp_CjpE2oTYB4Bf_5GCoMJhrGkgYuOX_pDsgRkkkg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 779F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=381419749697304055279&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=8b35b8aa-cd3d-4f1d-aaba-83971892ec1a
  • https://eb2.3lift.com/xuid?mid=2409&xuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 22 May 2022 20:24:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 779F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=381419749697304055279
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
23178
stags.bluekai.com/site/ Frame 779F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
21 B
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:48 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
21
Content-Type
text/plain; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
P3p
CP="We do not support P3P header."
Location
https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD&gdpr=0
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
339
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 779F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=381419749697304055279
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
da92da68-4b8c-4e22-8f73-dcccb6db372b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=e2706e76-314b-4c21-be50-680abe016322
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=e2706e76-314b-4c21-be50-680abe016322
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=e2706e76-314b-4c21-be50-680abe016322
date
Sun, 22 May 2022 20:24:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5NmQkJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NTMlNTEjODt1NDAzqWyxPVNyn2yhZG9TUGkurWVlNwI4YTywMGUkMTp3YlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B00D 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 19:21:12 GMT
etag
48472445140208031
expires
Mon, 23 May 2022 19:21:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F57B 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F6928793%2Fdl-file-61deae48ca228%2Fdl-file-Instream-Nova-Core1-61deb211dc4b8&description_url=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&env=vp&correlator=3416193562709000&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x480&unviewed_position_start=1&cust_params=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar%26prmsig%3Dpolnip&sdkv=h.3.516.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&gdpr=0&addtl_consent=1~&sdki=44d&ptt=20&adk=3742915901&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.516.0&sid=75353EA0-2AEF-4185-95F1-8A37DEC09A34&nel=0&eid=44761692&url=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&dlt=1653251085964&idt=1810&dt=1653251088576&cookie=ID%3Dda106d6ac536abbe%3AT%3D1653251087%3AS%3DALNI_MZqs2HS-ZRL6Z9G_1a49D3cbdhX9Q&scor=1294685876235079&ged=ve4_td3_tt1_pd3_la3000_er773.-1800.923.-1500_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
8ff31cb138e97b77714e7b23a374568e46d3d9da78d4a643962183080e47b86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4004
x-xss-protection
0
google-lineitem-id
6015490025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138391940715
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3F6C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLB23vtYSAP_4Fy0mnaGkzHfeXSNpMZeCmEcfSWLUvACc-V-hPG9RiHeSyh7NN9q0FS9Y6vuhpag8yyDmjafts-FkgFtDqes9vSKqRXeSU-p937LUN_u6bOkcNCmDO3PK6ey6PC_ACnSkLHSLcBMCogi5YlVUKlseAiEvU91pNjpFDgCUo-mZuHpDHmgXdWJ6HLpkBxOF1h7xjwd2vnarnGW316JzyiasBu49kwXjloxlDnVCOD8Xe6PHseptI4m6y6If1jXOzf-r8pD9EngUkuU8nCzBzv9M2sLdJ380Sn6LfUZ62eOK3KxsybN4qxmV9665GYQ0g-DNy3kFyQmFEucFwxxDo6dG2nY17iG3xajWNfEC4b0idHDo19grLoA9C5KL8XOFQQU05dLGEVSlcoo8xtx3tiwk-70K8KDSCTfCif5DyTtap-_Uk7rUDgaRg8DyXXfSWt7h3xK5JL3VGmdZ00huZXWePe7jCgwHPuVcWTMT7Dc_jmHAHLClJTwN8tWp5FcX_saP4jxZpjkbSw4emtz0RGrJJNek3OsKUpN9akOCNHaqbg1W1j86rLIDAk_XNgEh5wBvPCNQ_O92RuXaOMf01zXM-gWfIQidI0qGeCtLK7k3dAsRPMj9X1_Q32NGwoMQ3gYfwNM--DL44Dvkp27ze_752t-swmN16r23gJYOUcZxyfar7AAwfJWyTnUz0redTeDmjQixNoYr7HQVE18ttcYuKLwVJN-11OxVuiFin-v50ysrpEoDt2UBZdyNBWUPiGdO40rxsEQkEgY0V1G0KJB8bO0KiH2zl5Dipu_ZUqamSGZit8fNKQkBHTusSSP0EuNZ5u9r1nz9Nh72c5gFwZNs548EYlR2QGbiSuPHeaSp3Sjt4dIql9ys42FxlGhFSkhVBgX5l37fWc5nbA6fsUf4ZTsUe89-0DM8Ks4WvyONViDlwiXtV5htwRiqjyWdcuKGRcKaHeCt9-Fcj5PyXxjkPHUD3q1qcpZgSnknxYW9o3YhjOY5VOckp7ENdFHVJBzissygyZb0mI63oUIrLAYZ95jzmRfZtHT2_u4j_xPBiUT0sG46p3rvW0FrTkQSGfNeJjaTh8l6IVi9bUFfsvfbw7VB3QNYRcO_4jO_YGz9wOJJ9e-FlCjhFZjHJ7Pd055ExpAK-4oFYuhIhmWxtpsYQ9fsf6ZvQ1-cGEOUZ2E3irninw79N&sai=AMfl-YQ3cVItFb8EnLi9Q3tlryL483PoX9uHuGrDb9jRbH7-LB16Qg6ToXT7D8o5M-n_tZi3vpQIM4sUhwWxyR4H1Wk-vSd6yzLUcHzSnJkaMdKZ-p39_aGdsi35trGp_UEz-xsrM0v1Hej_qjI8kg5ABY8_YGKcebGqAAf9M37FhrFSFY1lnrWdlWkJlkESVXbGu8JICPQTJEmuEMkoiB3kpe_R&sig=Cg0ArKJSzF1CMmUhQwxQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&vt=11&dtpt=232&dett=2&cstd=0&cisv=r20220518.21593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMnpP8ax_H0XXD_xeEmVVQbXxG82NQIJBoFf1k2qR_KMcoRPTywNW2PnP0zYcGdUVtCGjnW1c4_x5YAEc0yrQygVOLnA&cry=1&dbm_d=AKAmf-BCFzRWpQfJ_O0PZfnYK8KNOI9GpF3h8q7DHf2P756ImG_brv5mQRHD_K0xqmIFbvSG9X33fyUEHM8UDjdeJnL3J4JoJcUVmecK4v2TwSukhyT9WQkDYq3ad89mcP4SR4YqPHxRkiTCO7GMXzxTlUzK0cOYbrRWjWpehF8mUxQUE2cKUYPSqLOVqp4TvFFbAUIvrE14PmxVtaNQLkCKtCLd1669_sEgbCWMwM4U6N5XuVJi_U92NdCmea2XRHubgpRZa7R0yXKF-bz4XN-O6Wdk4x1RL7bLIQnuzRjA1P3091WiqAnpaSDN6s8qXwLindkTBVjMyekcLPSHrDflnre8n1SvTZOXhHZEOfM7SRyLakeRI1cOXUNlYPdxKmXdiwBggeBsrGlkIG_LYp3Bno-KqYKK8Ou3qVI2Zc11S7-RxbpCYSjTlrXW0nu1N5KaN-JEe5KVOq4ctSSNtcoP6yJVpoYhZAYBJ5LEggoNTBHLxLB6FHawKRAAe7drPjV7eaPhIADxAt5v-8rFYXFHR8XLXPP5DwwvLF7BJcep5ICDgJbMnHDbWdytWYY6LfUl82j701wCDxThcB6lF4glkfPhGZnFtvKLlT6ygW7u5i8wtepRUQccgJaaqmKLUUGQo-raj2VuL1wlL0K6bNWPcEjQnS8_QG1X6uOTTytNmdowOaJdRf5oiTEbFcAaUFGUYSWK7Okn-RBdBIC0pkgMtbCyS82e86CO5qnM8i4LzNYRwnQface9i6R_v2QSRJYYGWY3UIvynj2CJuAENnh5Yv70Rg3e6mcvJBpb3Jrc4TcdU3kDW8bHyCiM-vZ9jBOJqrZXgkjql8ewMs6UZsiLM0R-I54XzsXqz4huYESWyHZY70rwLhQ0bWtfa9JJlYOQXu4mOcmdnxqRv9JPUdIjHKnJyRYeit78-f-1tS_TRJ9bBgqWEHZ9qFtMsjDMjoU8eWwUif52vZzVkAV2MpCfFLBRxmvmPApA8tFlhyI6laAEG2Phsiz9WanJRkoYzmGCGtcW9nzQ_S7v5pX1QS_BdveIj2xT_JX21ZEBdikoqNdYlIn2q0DtPwEtjS1hAM22UCg_gJ_cVALIhuv0-Dfcgxq95NJ3NF88rAhuekeZ1JnCr7pnF9x6o1XrmFC9_X3xvdyDsowkGHe1iyBzc80nFAjaZchKMSWxaYFR2bgfGYCIoGMnDPlLiFWBIh4k2w_wf2XVfylAmqfMBJKc1t6-rVb9cS-ebp87nAlff6eXk_WkvXYlGe_3i_7DfL2Q57HE3RtAGQv-bg3UKomk0ki3clIOfp3k8NFaW8cX6mdVNFNC8Iw-IPEr6L_c52FN70hybepeOOy0npSN45YfRohTYhIeE6YolFsmVZT-WvtI9Z4AFdwh2TISO0iWg07mT7nsXs1zv7FV3mp5aTYubDYCOk_WYswcjcSwAurJ4i1wOV3j5fPg7ifBGYhUtTRM6qiL8kqC56tU9dI38m6SW2GzWO1RuLegOE0g54piO4hSGKwtaDpOZngISTCzkUr_u50PoixbcO28-Fx_K-a-NcAGUc_fD0-nPoAalSrwZzFr3GZ86Rq4NX3NFqqu6aRLLRSKTg6wCDKcXIfq0jmbGtgJIFyp974iWVPSV2uSzK-tju4ZcKJrBp-i0AyfgVTafsefD4TOJJddMQF9irFZumTL8rPhpkQ4XciL7iWqc4CsBS2IUoxVv35SXKXV6EYpWWNHm_aCe-Qdj_22fdWwuRZy_aOs93c9jQTCzFTp13qgutIDwtum4Kq_zv9j6G2p5FaPeb2uaJQfAS-EvE5ceIcl0li8sgnQ-wQl72PjRuOUPn5-1HjWThLrwqV50bIkW6A5L26TAAWHYYN5RLezWzKOpZtqETaMVY0OVDUY3fNNxsBmm-wR2fSjXXc6g9BNSAZleRs3vWNpdE3Q-jZGw6KE0BKllOGl46No_9OuhwARIyi8V7QTWl4Yx4rt36JNAnipUddjRHLO3viw2NPCdZsvlplEnfquwIzRW9MIpyv9nD30iTFxtUoXSf9JKGgkmgzjwvgxYkVTd6kfSpO66K9mugI3cPiwdX4Jd758dZjWrSwMOQSMTjxMcajMWClhd0HVshHXUuRsGzbTbC2gonk38HJWG84WYabSa9n-gbdA6bhaLpgIw-X4ke5Dc7l4sx0AxVlxJLT_T-UntsuSXVbw1acL5GOjhhSz2HDya0rHOD_GnJcFg4_1tAbtCIZ9neIZ-k6eUjUGBcvG7QUhW2J6ebo3WHki0XCHU_4pFTmsYyX4w6eaj6PHGRFIaxaU4uHKKpEeF018qOqFMY7HrRcUrTV_nzCi4IS7PxGD7rb9-Q473nUmRvplIgQHQoflDdA02ASASimSQerAMVWT5x7l3CKnx3Ja_9nJ6YLFoppFv8s8e0yotYpzB_1gyyBVvV-ksb0O-wwbg0JjDENVNpsxCGwEIku6fqrlCnYhhxW7y6aFdAQ19I8PL9iwQQXHerApXMHwLkDZ0cs5wr_cQqSVHKsCtoW6He8-i0_ISJmw9Q16t1b_g1anqGFhq6HK-WqPwwHugaNlAxH7DEA9T9tHCSyHgQl2XzRk25tbQpvooan2iLeE6l2tdVX9rdBiCqEfWDyZ8HcgeMZtD18gbiGCoeNXMLN3XEEB8Fc30S22qqOyb6w5FxNfDVEquBZGLVtAK9pQjNg-Qw4dlujMgvUuQD4EP55jStXii5AfB3xgg1etUrhHMCtPZkhc93ixhX3zpHYoVIy-_fP4Hxf06JcQ4S39oBTwESIRBm1-qrX2cz5BzjyHGEc_bNLUJzmj8Ixo-0GFCVLeiG9_AyYVhzdeEsfUzO2BETrJcwz1D2yfN-d26ZkyfOV2S01I4WbLLrBTvMH5OY17xnlGwE6WXLseNkGbatDwOvfEfqrhUfDXUof5bIYNEdUg-y545Vz59Mu8New9UpL2J-FeMv98LRtdywkD-2L2wX7s0apHFdilNopm4j65f4mCWmQaXicoox27I1mS3fuvKsyx8h9f4B8M_I-qI17QsXq94uffUhGKQ5ZEz3lCZQFScqCTEat_5n0ljd92LvaSRPkAJpQ9BcufRV3PmYGcJuxYa9Lc1fuS5n0_pGvyEx4m3Uvk_HPbQ79dre0eqYIuy15Mo4xnVPde9xTcCqS1vi_hyZcM0HsiGfXSnlKmMYBkTw4pODBZme9d7LcoPrrCrt2CCZRppOOhoIkF0ONOpQ&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&rfl=1%2Chttps%253A%252F%252Fdl-file.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 3F6C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f12ca2c52ad3c1fa948cb52a860af55d9e1a40fdca6b42bbf1503631eb643f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
map
ih.adscale.de/ Frame 4028 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4caaad71017eaa3bf2e379a4e518db0d5982d079b199c60f9059e782a1773076

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
2792
content-type
text/html;charset=ISO-8859-1
date
Sun, 22 May 2022 20:24:48 GMT
pubcid.php
hbx.media.net/ Frame BB45 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:54:48 GMT
sync
gum.criteo.com/ Frame BB45 		88 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
8774ae63d0972387fc36da77c82ca614381a602633af35c9a92ed3e67eeaea01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3675
strict-transport-security
max-age=31536000; preload;
content-length
208
expires
60
cksync.html
contextual.media.net/ Frame F4D8
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Drkt%26refUrl%3D%26vid%3D325108867929625268614557970...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2962526861455797000V10&type=rkt&refUrl=&vid=32510886792962526861455797000V10&ovsid=979321824873700273
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2962526861455797000V10&type=rkt&refUrl=&vid=32510886792962526861455797000V10&ovsid=979321824873700273
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 22 May 2022 20:24:48 GMT
expires
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 22 May 2022 20:24:48 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2962526861455797000V10&type=rkt&refUrl=&vid=32510886792962526861455797000V10&ovsid=979321824873700273
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=178751f958e41219&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=con&refUrl=&vid=32510886792962526861455797000V10&ovsid=AAAGbrS7t6OYsAMJe66fAAAAAAA&expiration=1653337488&is_secure=true
45 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=con&refUrl=&vid=32510886792962526861455797000V10&ovsid=AAAGbrS7t6OYsAMJe66fAAAAAAA&expiration=1653337488&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=con&refUrl=&vid=32510886792962526861455797000V10&ovsid=AAAGbrS7t6OYsAMJe66fAAAAAAA&expiration=1653337488&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dmma%26refUrl%3D%26vid%3D325108867929625268614557...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=mma&refUrl=&vid=32510886792962526861455797000V10&ovsid=afb5628a-9c0e-4600-94cb-309c0e1eca58
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=mma&refUrl=&vid=32510886792962526861455797000V10&ovsid=afb5628a-9c0e-4600-94cb-309c0e1eca58
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

Date
Sun, 22 May 2022 20:24:48 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=mma&refUrl=&vid=32510886792962526861455797000V10&ovsid=afb5628a-9c0e-4600-94cb-309c0e1eca58
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:47 GMT
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dr1%26refUrl%3D%26vid%3D32510886792962526861...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Dr1%26refUrl%3D%26vid%3D32510886792962...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=r1&refUrl=&vid=32510886792962526861455797000V10&ovsid=OPTOUT
45 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=r1&refUrl=&vid=32510886792962526861455797000V10&ovsid=OPTOUT
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=r1&refUrl=&vid=32510886792962526861455797000V10&ovsid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cksync
cs.media.net/ Frame BB45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjk2MjUyNjg2MTQ1NTc5NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKW90RnYL4DmsO2Qf8bdYK4&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKW90RnYL4DmsO2Qf8bdYK4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKW90RnYL4DmsO2Qf8bdYK4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D32510886792962526861455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2962526861455797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D32510886792962526...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=dxu&refUrl=&vid=32510886792962526861455797000V10&ovsid=xaBBc4a91NSS895
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=dxu&refUrl=&vid=32510886792962526861455797000V10&ovsid=xaBBc4a91NSS895
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:49 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-057420aad53a017a6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2962526861455797000V10&type=dxu&refUrl=&vid=32510886792962526861455797000V10&ovsid=xaBBc4a91NSS895
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=af93f6ef-f16d-4099-b899-77901b9bf8e0
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=af93f6ef-f16d-4099-b899-77901b9bf8e0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:47 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=af93f6ef-f16d-4099-b899-77901b9bf8e0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3201018
content-length
0
expires
Sun, 22 May 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7b5763f-103c-4a05-bf76-bce22d4435aa&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:49 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 22 May 2022 20:24:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame BB45
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2962526861455797000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=50aae929-4949-402d-be95-e0a3492c1ff4&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=50aae929-4949-402d-be95-e0a3492c1ff4&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 22 May 2022 20:24:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=50aae929-4949-402d-be95-e0a3492c1ff4&cs=1
date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame BB45 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame BB45
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d976ba-c653-41a4-983d-9d0c2b298e72
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d976ba-c653-41a4-983d-9d0c2b298e72
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 22 May 2022 20:24:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d976ba-c653-41a4-983d-9d0c2b298e72
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame BB45
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2962526861455797000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2962526861455797000V10
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2962526861455797000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S1BZQR6JTSC21Z759WHS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2962526861455797000V10
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sun, 22 May 2022 20:24:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4880 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
67317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 01:42:51 GMT
expires
Mon, 22 May 2023 01:42:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame B00D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3c...
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f8470a2a0a4bd0-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f8470948b64bd0-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIW4uxF4gFbNTjUuivVc7X8&google_cver=1&google_push=AYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJO5z_9ty5dmCXmd4jlx6HkRmwXPg0t4UFMrru8hxWGfyvt_kmJmIEMZvOKAbJRdYwGCl3oY_ZsMrEDfthsOah_NCutt3cH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBeYvrtoSU-DmNKELqV9hDQ&google_cver=1&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFz...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFzyGLcYjRBpZMDgM&google_hm=MVlzNEhvR2dzQkh2RFhrM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFzyGLcYjRBpZMDgM&google_hm=MVlzNEhvR2dzQkh2RFhrMDVwLWM=
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:48 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJOQmFd2oDFGX45uMTGNqCPGOHI35J8kyBYF8oZwK5d9gx0Mge0MhOuYCMtSQNNWcNw-ik6pm-SmvwFzyGLcYjRBpZMDgM&google_hm=MVlzNEhvR2dzQkh2RFhrMDVwLWM=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEINmC5xM1VzLiou_dhjUgvo&google_cver=1&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSz...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSzGPh6Sttvsgo&google_hm=Er1IbSZHEQFzpIZfRt6_Z4U8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSzGPh6Sttvsgo&google_hm=Er1IbSZHEQFzpIZfRt6_Z4U8
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 22 May 2022 20:24:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIjv7dXsnTMMycxak8O0uDGLanUzFy5JXLOABzwZ9jhVmnPJt7boM8eQwynyYHpbJfaRwGnqBYVLX3kONpSzGPh6Sttvsgo&google_hm=Er1IbSZHEQFzpIZfRt6_Z4U8
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELlxEqJfV0_s34HNhsXTzuM&google_cver=1&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EPpydIrKG...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4nBudjFLTCG-UGgKvgFjIg&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4nBudjFLTCG-UGgKvgFjIg&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EPpydIrKGaErWMS
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4nBudjFLTCG-UGgKvgFjIg&google_push=AYg5qPJak2ypS4OIpSbpwG9WmtPK7xBgVcChVPoTJtsZi3c1I1w4BnDBIZNuqg2NG4fxgm5jc-lGzEZloQu__EPpydIrKGaErWMS
date
Sun, 22 May 2022 20:24:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKhtPGdo_4fXMe8KKbeaj48&google_cver=1&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR6vwb8pBaazRJ2bh3k0YRzLqcTva9GXdj74UX
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR6vwb8pBaazRJ2bh3k0YRzLqcTva9GXdj74UX
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgxNDE5NzQ5Njk3MzA0MDU1Mjc5&google_push=AYg5qPLD8qkEB5agmE6mv8EvtTC1QSWD568dLf-iA1w5X7tT37m-3TG2l881wVQR6vwb8pBaazRJ2bh3k0YRzLqcTva9GXdj74UX
date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPxcsNQ6qUdcLUxH_3WGJIQ&google_cver=1&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk&google_hm=fd455e01d938155cd91f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk&google_hm=fd455e01d938155cd91fe446f4360585
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLxziBBrRe_pS3e1AV4-iYyeNGlS05FKvshtkWYg1IpRke_ih4Z7jH23cP03T0JCmYW9jT4eV898mUjhhJiuNE70f4O_wk&google_hm=fd455e01d938155cd91fe446f4360585
date
Sun, 22 May 2022 20:24:48 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame B00D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEPh2b1eK0IxEw9nFPDeJX9o&google_cver=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1zeHapORzD_gcgRoEYS8qErp...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=UKrpKUlJQC2-leCjSSwf9A==&no_redirect=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=UKrpKUlJQC2-leCjSSwf9A==&no_redirect=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1zeHapORzD_gcgRoEYS8qErpxTnBpESFgb61mH5u8lCcI6R-UA
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=UKrpKUlJQC2-leCjSSwf9A==&no_redirect=1&google_push=AYg5qPI4TtEDakYII19uyi5hLQFsRi-v6OBXNcfEm0flpLY2sMSz1zeHapORzD_gcgRoEYS8qErpxTnBpESFgb61mH5u8lCcI6R-UA
date
Sun, 22 May 2022 20:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
attr
cm.g.doubleclick.net/pixel/ Frame B00D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kcr60-AFuAyTndEKhLx8wQBKllaQuKJaJhe_JezSccgt9AxCpocwftEUvvMukIic5ei8xmTQ
Requested by
Host: ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
URL: https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame F57B 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3hr0fir&c=6744214056030&slotId=3372107028015&qqid=CL6u8p748_cCFdmBgwgdm0YGyA&gqid=EJyKYqOFJcLVnwST_YqoBw&fb=ima_html5-lima&sdkv=h.3.516.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&vmfc=6&vhc=0&ghmsh_eids=44761692
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match.js
js.adscale.de/ Frame 4028 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Cwu3l44QxZ0xqe3HR97ooSjHQWKkMv4f
content-encoding
br
last-modified
Fri, 20 May 2022 06:59:32 GMT
server
AmazonS3
age
5111
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 22 May 2022 18:59:38 GMT
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
MCFPhAEgrY7yefx6G0mRhVlCaoEh5ofRBVQPN-e2vM7M2n7LOJSqew==
log
c21lg-d.media.net/ Frame BB45 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=cbd942b9-e51f-40dc-afe6-3f1591edbd54&cs=15&vsid=2962526861455797000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 22 May 2022 20:24:48 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI2JaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE3MDt4Mmp1Jat9NDAjJax9MwI1Jz1mqGE9MTpjNmt0MDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow1xoC1znWkyLzNioSZmqWJJZD1xoC1znWkyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMGycpUVhnGFhY2VQpzVvnWQyMwAyMxYyMwAlJTIjJTJGJTIjZGVzYXVfqCZcp0FjpD0jJaZcZF9uqGx9ZGjgZzyfZS1JoaN0pzVuoS1Oo3ZuLUNipzUkLTYkZGVvMwEkZGM0YwtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJaJ2ow0kMwE1MCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA4ODt3NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQkJaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE3MDt4Mmp1Jat9NDAjJax9MwI1Jz1mqGE9MTpjNmt0MDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow1xoC1znWkyLzNioSZmqWJJZD1xoC1znWkyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMGycpUVhnGFhY2VQpzVvnWQyMwAyMxYyMwAlJTIjJTJGJTIjZGVzYXVfqCZcp0FjpD0jJaZcZF9uqGx9ZGjgZzyfZS1JoaN0pzVuoS1Oo3ZuLUNipzUkLTYkZGVvMwEkZGM0YwtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJaJ2ow0kMwE1MCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA4ODt3NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:48 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame F57B 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve1XktmylwvtYGLbhll2-buSzFzQSbE4P4sQgVXNWLEtp8cH38H8XiDZ_kROiP3pU5QlHNx-GjYGQvNyJXkYCg7inQZbXTKK6rjZG4WnL58F-TcHf2IR-2xOrurWZtD06isu3kdV_ytn7osu_v2F1c7TBkA154TZ5OncbYq2ScC56fOBwQFf4QL_7d2-Ig2Ida7tDNswncfrA0D_TA4gCcl_v6Q7TQ_d9BbUTz_vgx_12wFYUd2nqWrnT5pu1vDfx7oHivz2BmDSaz21aLJLOl5d8ND3LW9JtrmQl24p4JEtoNwT5J80Ldqtc5OdISAJh3IXllp-JrPI3ZyOXMaMHbVEPPAFaOzolJqWZXjqKVb6NisgUHwt0&sig=Cg0ArKJSzFUIafPUI7NdEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.516.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwMTU0OTAwMjUyDDEzODM5MTk0MDcxNUChAVIoCJAFEA8lAAD4QSgBOgtFem5iQnNIcWwxQUILZ29vZ2xldmlkZW9QABgB&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
csi
csi.gstatic.com/ Frame F57B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3hr0gc1&c=6744214056030&slotId=3372107028015&qqid=CL6u8p748_cCFdmBgwgdm0YGyA&gqid=EJyKYqOFJcLVnwST_YqoBw&fb=ima_html5-lima&sdkv=h.3.516.0&mrd=4&aab=0&itv=1&gpm_i=6&gpm_c=5&gpm_a=4&smb=1000&br=656&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl%2Capplication%2Fdash%2Bxml&hvmf=false&vms=1&bit=18&vsrc=dclk_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame BB45 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=3oulU_sZjz0cvKHPIR2JVXlgrZ4uuE7F&cs=15&vsid=2962526861455797000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C2045%2C3012%2C2043%2C2041%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 22 May 2022 20:24:49 GMT
jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js
pagead2.googlesyndication.com/bg/ Frame 4880 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
8cd21f4c9389629b19f7c43ca8bfada53dce68951431d788562c9c5af148971b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
96235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 17:40:53 GMT
csi
csi.gstatic.com/ Frame FDC3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3hr0fbi&c=6744214056030&slotId=3372107028015&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/ Frame 4028
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5e6f3911535f43f0861f27ff82c9607d&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7be91bd7ae43%2F1653251088710%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=101&tpuid=BBID-01-03279650892869371-16609464
49 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=101&tpuid=BBID-01-03279650892869371-16609464
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 22 May 2022 20:24:49 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=101&tpuid=BBID-01-03279650892869371-16609464
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
generate_204
tpc.googlesyndication.com/ Frame D73B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y0uEuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
file.mp4
r1---sn-apaapm4g-apae.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/acao,ct...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/ip,ipbits,...
  • https://r1---sn-apaapm4g-apae.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-apaapm4g-apae.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/62FC6814B50942E07849CD772B607DFC63F5931B.65E80351CFC20311593A73BEE4B15123F2CCE186/key/cms1/cms_redirect/yes/mh/TF/mip/2607:5300:60:7867::14/mm/28/mn/sn-apaapm4g-apae/ms/nvh/mt/1653250124/mv/u/mvi/1/pl/32/file/file.mp4
Protocol
H3
Server
2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
cefd30fa0e03af0cb10b2d14b177c673b7d186f32a8653c92f603a536d152b8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 May 2022 14:25:18 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-2475151/2475152
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2475152
expires
Sun, 22 May 2022 20:24:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-apaapm4g-apae.gvt1.com/videoplayback/id/bdf1d31f435de037/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1653272688/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/62FC6814B50942E07849CD772B607DFC63F5931B.65E80351CFC20311593A73BEE4B15123F2CCE186/key/cms1/cms_redirect/yes/mh/TF/mip/2607:5300:60:7867::14/mm/28/mn/sn-apaapm4g-apae/ms/nvh/mt/1653250124/mv/u/mvi/1/pl/32/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a.gif
t.sharethis.com/d/ Frame 6CFF 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsAAWKKnA0AAAAIEr7SAw%253D%253D&tt=t.dhj&dhjLcy=1653251086016&lbl=pxcel&flbl=pxcel&ll=d&ver=1.943.23339&ell=d&cck=__stid&dmn=dl-file.com&pn=%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&qs=na&rdn=dl-file.com&rpn=%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&rqs=na&cc=CA&cont=NA&evid=AdZctDYAgO-XVh2yjPbg&urls=!1!365!b-13j,!1!384!b-13h,!1!365!b-14s,!1!0!b-14t,!1!552!b-150,!1!354!b-16f&rnd=1653251089171&cid=c010&version=1.943.23339&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=69
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-18-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Expires
Sun, 22 May 2022 20:24:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4880 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf1bcEJyKYqPFC8nI_gT_3a2wBQAAAAA4AeAEAg&bg=!x8SlxIDNAAZ4vKt9WLw7ACkAdvg8WirW2r-VjqkEaWjOXKoyn8CISUQ_XtJHAmzwEDitrdnnBoPQkgIAAACAUgAAAAJoAQeZAtvpIqRyikKKVDgudbsoqOtfoUtO_tg4OpxjCCqNUA_K46sNAHht8l05ZudNMi5gj32lodxGBap2gSk_3_0IHdQAoN_ClpgeLxKJzXWFpGzYkoDSQLqtID2aLI5YwC4CczaZYx0xSGwliPxkMmYo1q2S7-9JblBOQuG08j9ya2lSu92IUIczR60BG3051Ekl2gu4heGzLLL1jDeie5Zy4-d0fVSGSrYlLKYJ4XUcJuY0u166uqtOcVEx97zYrIJhO_rHaTxw0G4yM5bk5YU8lhjT6sRmLg2N3x1DY-wRIj9DMYw0a1VPNHV2-gTDGy1sSWbNFWtye1099QR1cfeq9SXHnUgHwsxhWDSurhoIMmoJDIWsJQuS5tdUgTB2V2HcuViD9UQEN-WaIec9AyMu4-sEIf3KBRU4RdDeP4lbLoBEyGOVTlDe8f_CputPwrwQhP5gMIKs54sADqXggj9QCwyE_29wqKa3tzg9z3KHs8aQlIvkRVetCQZATE68kKuJHkQMfH01Xthlf8ihu4PpuYH4d0swIX6Ipi-R5CFD8X_s1Zp4VJPeBftHvgspEr0kABgiM8Stk1WDhLoKoEoGtOIIKO46oDcq4oZzPA0V7nbGlEWvlz7ihVf_UehqgmQdmUy0b2GJp-0rrGGnFohxSWtI5vqYVBiXjGM-F5mdfq24fueZ62xPWQLJoyrH5obukvKPqVTSDHE26MbgXjzKLsl98gOgqNVXsmgggwRwHeppQV2h0rzUpmUiDrRq3XKcDsmCxO29JK6xGTRwSDQIH5pnAzZylfHp0530JmuZuy5tqrrKqOeXRFCbpJnpiEXMshkwNRdopLJ1w0F2QwcVaSbVG0IwhRqlq6ebNBQsOetSJ0oP_k-o3O_pfYqmqB9n-IQ99ykzamMee-RoySpdxs_BIEu_t0LnnKPMinRvqgpV7o-srlDs8NtAWU9lqo6V1sNINgvmTLcTBRAooA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=YoqcDqa9EIQ3upvl3ZMnoAAAAIAAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
270
Expires
Sun, 22 May 2022 20:24:49 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdl-file.com%2F&domain=dl-file.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://dl-file.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 22 May 2022 20:24:49 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1061
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdl-file.com%2F&domain=dl-file.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=1aAa8nxkRmJlVjlMRnA2bjBwRUcxU3QyYnlkb3k2TmI1dkxzVk9OaHJoNERIMnNoSzY0QzYvZzJuVlJlYjRCSzNMckNJM1puWWg0MkE5T1BpZnNISTY5bE02bjNsZkZreEc0MEFHYVVaTU9ZcjRyMFpyVzZCQXRWbTA0MH...
401 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1aAa8nxkRmJlVjlMRnA2bjBwRUcxU3QyYnlkb3k2TmI1dkxzVk9OaHJoNERIMnNoSzY0QzYvZzJuVlJlYjRCSzNMckNJM1puWWg0MkE5T1BpZnNISTY5bE02bjNsZkZreEc0MEFHYVVaTU9ZcjRyMFpyVzZCQXRWbTA0MHFNOEJ4TncxempMa1J1OXA5c3R4eC9NY25UNjBJNVpIOHJTNmtwWWZWUTRCZ1BYU1pYV2N5aFlVZXBLNk5YbUc0YUx1cXVEeVZ6Q004Uyt6UWhJclQ2RFUzK2lVMHFTUDlFYkhUVm5sZUxnR29OUUE5UldHWnhoUjZiVUJkdHo4UGx5RzVvNzVZSHFRcUFnd2c1QnF4L1hoUTVldTZPUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
5cb7b465fad9db23031dbc0bae59fb539354079520c4de191704d700353c5843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3718
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
location
https://mug.criteo.com/sid?cpp=1aAa8nxkRmJlVjlMRnA2bjBwRUcxU3QyYnlkb3k2TmI1dkxzVk9OaHJoNERIMnNoSzY0QzYvZzJuVlJlYjRCSzNMckNJM1puWWg0MkE5T1BpZnNISTY5bE02bjNsZkZreEc0MEFHYVVaTU9ZcjRyMFpyVzZCQXRWbTA0MHFNOEJ4TncxempMa1J1OXA5c3R4eC9NY25UNjBJNVpIOHJTNmtwWWZWUTRCZ1BYU1pYV2N5aFlVZXBLNk5YbUc0YUx1cXVEeVZ6Q004Uyt6UWhJclQ2RFUzK2lVMHFTUDlFYkhUVm5sZUxnR29OUUE5UldHWnhoUjZiVUJkdHo4UGx5RzVvNzVZSHFRcUFnd2c1QnF4L1hoUTVldTZPUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://dl-file.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2035
content-length
541
expires
0
420.json
id5-sync.com/g/v2/ 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/420.json
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
5c95a14ebe2c302528bda7610170a7fdf4e3eaf88e494c8c927bc5574abfe34f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:48 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=jdf94yb&fmt=json
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f7e300a811bd31edf89f6ec0d50c0073cfa1939ce1203a69e8270d85efc2c390

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dl-file.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 21 Jun 2022 20:24:49 GMT
sync
eb2.3lift.com/ Frame 8999 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f97576351069948f822f3482faec8a35d142c159d25a306a88f21e18caf61333

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
539
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 20:24:49 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C0D6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=
Requested by
Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.10.0&adapters=adagio,outbrain,pubmatic,triplelift,yahoossp&with-exact-module=permutiveRtdProvider
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131338
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
b1sync.zemanta.com/usersync/bluekai/callback/
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
26 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Protocol
HTTP/1.1
Server
64.202.112.255 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 20:24:49 GMT
P3p
CP="We do not support P3P header."
Content-Length
26
Content-Type
image/gif

Redirect headers

Location
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Date
Sun, 22 May 2022 20:24:49 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4028
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=40ee1c490fffb4aa652bd183e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YoqcDqa9EIQ3upvl3ZMnoAAA%26128
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
298
Expires
Sun, 22 May 2022 20:24:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6FB9 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzOc3nXVUhmJOYJKUf2QxRm9u9UnXzkBw7HcvGGVlBF_cA3RkUGxYjVWT2DtfRovniGBP8gGQSpQT4V-XoZQ_fXDWEtP2Xq1pFO_A4WXxZROqSUoF5IxfCxw&sai=AMfl-YQ8HadKljTrmBizorcQ6LCMiYoUtIz5-GwTR4UO9kbXiIrUHiO1DTLTYXvPnsaB2tPPy-uUeO4Zy9tIU05AYi9cKzoCmpE_40eyq9YWTv5ZsUa2_eTgQ7uIG9_K&sig=Cg0ArKJSzNP8okvwCRicEAE&cid=CAASFeRoQIyJMRAI7YcbNuG-efJ3jVEZHw&id=ampim&o=315,522&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=628&tls=1629&g=100&h=100&tt=1629&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3518616171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 8999 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=381419749697304055279
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.175 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:49 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1e56c8a5-23e2-4a80-8ef5-aa3cd9b21b56
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAC6uk7FFTgAACrN1omqBg&dongle=bzwx
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAC6uk7FFTgAACrN1omqBg&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAC6uk7FFTgAACrN1omqBg&dongle=bzwx
Date
Sun, 22 May 2022 20:24:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189&dongle=4430
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-84651ace-b59a-4ff6-5ac7-2d0801649218$ip$149.56.153.189&dongle=4430
Date
Sun, 22 May 2022 20:24:49 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame 8999 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=381419749697304055279&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 06942BB39C944EAFBEBBC0E256760FDF Ref B: YTO01EDGE0713 Ref C: 2022-05-22T20:24:49Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6542586661939034833&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6542586661939034833&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:49 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
86940816-9a27-45cb-b226-c85e5af2c562
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6542586661939034833&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&dongle=3995&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 22 May 2022 20:24:49 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:48 GMT
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=3941db53-da0d-11ec-9787-fd5140d466c9&dongle=d54f&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=3941db53-da0d-11ec-9787-fd5140d466c9&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=3941db53-da0d-11ec-9787-fd5140d466c9&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sun, 22 May 2022 20:24:49 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3aab2f1a-da0d-11ec-95ba-bbc9c32010ed
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2740194895956978880&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2740194895956978880&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2740194895956978880&dongle=d407
pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YoqcDgADRCjODwAj&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YoqcDgADRCjODwAj&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653251090.530749,VS0,VE0
x-served-by
cache-yul12821-YUL
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YoqcDgADRCjODwAj&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 8999
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=50aae929-4949-402d-be95-e0a3492c1ff4&dongle=31ac
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=50aae929-4949-402d-be95-e0a3492c1ff4&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=50aae929-4949-402d-be95-e0a3492c1ff4&dongle=31ac
date
Sun, 22 May 2022 20:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame AA48 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvChj3eE31f8qXWnMPSowlLu93EllFnoQxEu0OiT9TVCwDtPcNS6MBSBG4HS6bpKw6-KjAd6mGCzTJFtlg55UJzUm-kMhvsR0IfKfJOJY92JEVaO862KLJfHA&sai=AMfl-YSgMgnLDNfBxPv_i6cwjPV3v_XrGazzqpdh6NybJxwzY6tOgdxPwCWS_QDTV9LFe-_x3NWMJqsdSpXWs60f1-WE3Et4LLdnkVDrYDb5NcT395FjnnoNqXcs8VXd&sig=Cg0ArKJSzP6XwyexPZQ0EAE&cid=CAASFeRotvwv2XiuDux69HrLmtS59tpXrg&id=ampim&o=315,1003&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,0,1012,1012&tos=0,0,0,1012,0&tfs=619&tls=1631&g=78.79999876022339&h=78.79999876022339&tt=1631&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2335164498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1aAa8nxkRmJlVjlMRnA2bjBwRUcxU3QyYnlkb3k2TmI1dkxzVk9OaHJoNERIMnNoSzY0QzYvZzJuVlJlYjRCSzNMckNJM1puWWg0MkE5T1BpZnNISTY5bE02bjNsZkZreEc0MEFHYVVaTU9ZcjRyMFpyVzZCQXRWbTA0MHFNOEJ4TncxempMa1J1OXA5c3R4eC9NY25UNjBJNVpIOHJTNmtwWWZWUTRCZ1BYU1pYV2N5aFlVZXBLNk5YbUc0YUx1cXVEeVZ6Q004Uyt6UWhJclQ2RFUzK2lVMHFTUDlFYkhUVm5sZUxnR29OUUE5UldHWnhoUjZiVUJkdHo4UGx5RzVvNzVZSHFRcUFnd2c1QnF4L1hoUTVldTZPUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 22 May 2022 20:24:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1217
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F57B 		42 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BevK0EJyKYr7mJdmDjvQPm42ZwAzxmeucRgAAABABIInylR04AVjr3LXGgwRgyYb_h_Cj7BKyAQtkbC1maWxlLmNvbboBBzF4MV94bWzIAQXaAUBodHRwczovL2RsLWZpbGUuY29tL2c2emtwY3pnaHFkci9CYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhci5odG1smALOSKkCWOMO4LD1tD7AAgLgAgDqAkgvNjkyODc5My9kbC1maWxlLTYxZGVhZTQ4Y2EyMjgvZGwtZmlsZS1JbnN0cmVhbS1Ob3ZhLUNvcmUxLTYxZGViMjExZGM0Yjj4AvTRHpADpAOYA4wGqAMB4AQB0gUGEOmvtLQWkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHH9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=P01RC6neZr4&label=video_ad_loaded&acvw=&sdkv=h.3.516.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwMTU0OTAwMjUyDDEzODM5MTk0MDcxNUChAVIoCJAFEA8lAAD4QSgBOgtFem5iQnNIcWwxQUILZ29vZ2xldmlkZW9QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F57B 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxWPuKs4Adqtn8qQda6vZ3qVpDerVJIO6jKVzkTNsLLtwluhQMKm3kNvrJA_5RML-2nKEXuPcP5X6twSIfoIeHYb2aA2gSrjgw541Sq-JHr7HJim04bbQQnZXLskYjKQEQ2WqpuHMqqyzZ01DnfeovDrpv87Pz8rrotf3_k5X0rKcYbrhacZTZSNbclp_bKAfxEHjkCjl3eZ0FR0XPhnkHgPI9gaXeryfX6-LemCJB5w6fKq2GvVuNnxmgxa19X8TwYbd5r6Svp4iZ2banN78KhE5EOdVZTyVua_7-xeVVVSmJGnnCPS82C5ojqHd87sctA66cJgy25pcJ7ebrQhxxss7sYpOIc94gYpefDi_2ncXoo3n6DCLO09yRkR_ez6_r4bc&sig=Cg0ArKJSzKNBxmwr-X5BEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.516.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F57B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BevK0EJyKYr7mJdmDjvQPm42ZwAzxmeucRgAAABABIInylR04AVjr3LXGgwRgyYb_h_Cj7BKyAQtkbC1maWxlLmNvbboBBzF4MV94bWzIAQXaAUBodHRwczovL2RsLWZpbGUuY29tL2c2emtwY3pnaHFkci9CYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhci5odG1smALOSKkCWOMO4LD1tD7AAgLgAgDqAkgvNjkyODc5My9kbC1maWxlLTYxZGVhZTQ4Y2EyMjgvZGwtZmlsZS1JbnN0cmVhbS1Ob3ZhLUNvcmUxLTYxZGViMjExZGM0Yjj4AvTRHpADpAOYA4wGqAMB4AQB0gUGEOmvtLQWkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHH9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=P01RC6neZr4&label=vast_creativeview&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D773,-1800,998,-1400%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30093%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1142%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D349581859%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1653251087504%26ptlt%3D1653251089558%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1653251088898&sdkv=h.3.516.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwMTU0OTAwMjUyDDEzODM5MTk0MDcxNUChAVIrCJAFEA8lAAD4QSgBOgtFem5iQnNIcWwxQUILZ29vZ2xldmlkZW9I-ARQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F57B 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswyO3wJUfui20DjG5LLhN8eePx_a1CKujTr78IR8Bjoo3nFEoKt0Um7UlYXjx-wluta1OJCOdJDu5f7TsF6LgwTUbXvfshBLkvQS8rPdmZwunYf7Qo&sig=Cg0ArKJSzJH0SYCQ6GV9EAE&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D773,-1800,998,-1400%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30093%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1142%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D349581859%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1653251087504%26ptlt%3D1653251089561%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653251088898&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F57B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BevK0EJyKYr7mJdmDjvQPm42ZwAzxmeucRgAAABABIInylR04AVjr3LXGgwRgyYb_h_Cj7BKyAQtkbC1maWxlLmNvbboBBzF4MV94bWzIAQXaAUBodHRwczovL2RsLWZpbGUuY29tL2c2emtwY3pnaHFkci9CYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhci5odG1smALOSKkCWOMO4LD1tD7AAgLgAgDqAkgvNjkyODc5My9kbC1maWxlLTYxZGVhZTQ4Y2EyMjgvZGwtZmlsZS1JbnN0cmVhbS1Ob3ZhLUNvcmUxLTYxZGViMjExZGM0Yjj4AvTRHpADpAOYA4wGqAMB4AQB0gUGEOmvtLQWkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHH9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=P01RC6neZr4&label=part2viewed&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D773,-1800,998,-1400%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30093%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1142%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D349581859%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1653251087504%26ptlt%3D1653251089563%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653251088898&sdkv=h.3.516.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwMTU0OTAwMjUyDDEzODM5MTk0MDcxNUChAVIrCJAFEA8lAAD4QSgBOgtFem5iQnNIcWwxQUILZ29vZ2xldmlkZW9I-ARQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F57B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BevK0EJyKYr7mJdmDjvQPm42ZwAzxmeucRgAAABABIInylR04AVjr3LXGgwRgyYb_h_Cj7BKyAQtkbC1maWxlLmNvbboBBzF4MV94bWzIAQXaAUBodHRwczovL2RsLWZpbGUuY29tL2c2emtwY3pnaHFkci9CYW5rc18yMDEyX0NoZXZ5MTMxMjE3LnJhci5odG1smALOSKkCWOMO4LD1tD7AAgLgAgDqAkgvNjkyODc5My9kbC1maWxlLTYxZGVhZTQ4Y2EyMjgvZGwtZmlsZS1JbnN0cmVhbS1Ob3ZhLUNvcmUxLTYxZGViMjExZGM0Yjj4AvTRHpADpAOYA4wGqAMB4AQB0gUGEOmvtLQWkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHH9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=P01RC6neZr4&label=admute&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D773,-1800,998,-1400%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D18%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D18%26pst%3D-1%26dur%3D30093%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D18%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1142%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D349581859%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1653251087504%26ptlt%3D1653251089567%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653251088898&sdkv=h.3.516.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwMTU0OTAwMjUyDDEzODM5MTk0MDcxNUChAVIrCJAFEA8lAAD4QSgBOgtFem5iQnNIcWwxQUILZ29vZ2xldmlkZW9I-ARQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTAzp2VlqzVlVGygZT0kNwUmMwUkMDt2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTpjODtmNmUzrD00MDAzrT0lMwUzoXN0YT0kNmA3ODQjMCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqzyxX2F0nT1xoC1znWkyLUyhp3RlZWFgLU5iqzEgQ29lZTEgNwFxZWIlMTFxYmRvOCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM1MxQmMwMlNUYmMwMmN0Q3QwpmMmEmNmMjMmpmODM0MmAmMDqEN0I0MmMmMmE3RDqCNTM1QTQ3Nmp3NDVBNxQ2QmpmNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MTU3NxM3ODUlNTpmNTZGNTx1NmM1NxE1QTU2NDI3OTVBNTp0QTpjNUE0MmQkNmY0OTQ0NDx2NmRDNmx0MwZCNUE1NmVBNwt2NDU3NmtmMDqEN0I0QmMkMmImNwM2MmM3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTQ5LwU2LwE1Ml4kODxzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTAkLwAhNDx1MS42NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwI4YTywMGRyMzJvMvZlqz49MTIkNTAzY29hqGVhqEZcoGVJZD0lMTx4NTx3Jz1yZGyuUGkurUkcp3RJZD0kMTQmOSZgZWRcYUkcp3RJZD0lNwEkMCZcp0V4Y2k1ZGVGpz9gT3B0PTAznXNDYWNbZWRCnWQ9MCZwo250ZW50TWF0Y2uUrXByPSZmp3BsYWRioT0zZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA4OTU5NvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
moatvideo.js
z.moatads.com/networknjsvideoprimis955595622941/ 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/networknjsvideoprimis955595622941/moatvideo.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9ce137cea295438ce2c8dc8f14054444b29979f04f98c9c55ed2e43e44859233

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2022 16:31:36 GMT
server
AmazonS3
x-amz-request-id
99ZPA0A83SVNZ4TH
etag
"aa8e1c6854ae74dac477d5703fa2f93f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42996
accept-ranges
bytes
content-length
107367
x-amz-id-2
dsGLkP78Nw8K6mNEMTjMveIV2jV46/mUaF/t5N8bTeefdkLgnhErGMIBxk/LPiMPDpsshMLsYgY=
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTpzp2VlqzVlVGygZT0kNwUmMwUkMDt2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTpjODtmNmUzrD00MDAzrT0lMwUzoXN0YT0kNmA3ODQjMCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqzyxX2F0nT1xoC1znWkyLUyhp3RlZWFgLU5iqzEgQ29lZTEgNwFxZWIlMTFxYmRvOCZ1p2VlSXBBZGRlPTE0OS41Nv4kNTMhMTt5JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlOGE5YmBxZTJvYwIzpaZhPTElMTUjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NTMlNTEjODx2MDMzqWyxPVNyn2yhZG9TUGkurWVlNwI4YTywMGUkMTp3YlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxoC1znWkyLzNioSUlRzp2rzgjY3canHFxpvUlRxJuozgmXmIjMTJsQ2uyqaxkMmElMTphpzFlLzu0oWjzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F6C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLHloZwEj54F8qbGotl-OFyOG__sl5jL9zGPzxCh58098VgVgTXE16CC_peclFvDN_MnNilvv8CTiPfgjw4lOfu9DtksmaNtQ-doPIpl3i9WWP5kz2ppjJJg&sai=AMfl-YSHLgOgLZePsCv2L3MMmmbu_w6K6sV2dxKlAYNjCk0nMg8UyFbpdVjdlIW-C4jDWzkcofL3-OhCfsRMGfvEHP70zeGmeZJ5d3eBG_UAwMP0ldCbHeK7IIdR4jjO&sig=Cg0ArKJSzDTmS8rQHgD4EAE&cid=CAASJeRo08hgpBm6RaAjNIlQ_YHSLvlidpktXRwJDc9eIgGsTwjJXmk&id=lidar2&mcvt=1025&p=1110,436,1200,1164&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1698332873&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653251087845&rpt=723&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4028
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=7d6cbdb6b62e36e844bcc7d...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
49 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 22 May 2022 20:24:49 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051701&jk=4124736697175395&bg=!SkmlSQ3NAAZ4vKt9WLw7ACkAdvg8WmI6ZXBzSR9ym_3iwlL7x9ovlDSu5fzqRppLF1bThmDOeA-qCQIAAAJAUgAAAA1oAQcKAANaR6qZApo1GujvGEeY5qGI_KQ8hBvT7H3MxrR61xR-gJNJ1qe1Hn80dAM7GyMs2qFRhOahhCm-ImMY8KJmGP3jukaUGA8tVaTvRAMxFS075uNdJNNbCgC2IUI6C5GqZS4GLEIoJkEkorqlvu251Lr25au4wU18lIDyr0go_8iP7__LQkC1HxoD-M4qBvVOoJsz0mQwxNwN2bfNCqXjCtF3n7GE42VQm2_6P90ccwc9C5UO3CCqOE2On17EBaiN45ZcR44CmtlzsnPJLV2lRPJQOAwgnXUPc0VdT9ro5-qcjthskKb9gQeefqxriU0OVMAvQKmrCdBUNFeH0ayOiAw_YhEGuEi7rXhnHrJTeQtjoXWpoLBtWvtVXgpM3z9OdCnPLXjmpmtjpXS3Il7AGahrkLCnqxqyrM9eOfREGbEE-uc7kCUqaUNMVyxB-fczRsc9ZnHbaOA5ZGIHmRHN7LxjsOMCwd2UvMP78ldeabIQU2wsV4iPgQj438qpyH0OVyv2WZ5_xb4-IMJ0iXP2dT29ofxui9Wx7gzNduBdjMaDMMDW0TYhhafVshdEz5NCz14z2Gd2FGIgSvBTqhCeYUJzKXPoGI5Co8U9dYhxC4MA2VevmEk1Pg8OYVhRvH4SIlfnu8KUou8DO6M--EbFMvRpKPSFfqBQwtOZkckwKxWE7x_asyKjvbi9V8yPx--XY7oes5fZQjrWYt32MUTuFjL05e-PC64ikpoywCD911hy2aftbBaSK-q7_l5_bwpBl7Kp8DCdYdsejf1nslNU7XgKJq42Kpl_CefRvZLmMJNHpxxzVS1ZVQ6EW7Sx_hibYRyAQMFFvps0XWkAeKhxQASTJqPHaNHY5AJdGAeagOuSoB0myRhSFq3bvY0PBU5j4Uc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=NETWORKNJSVIDEOPRIMIS1&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1653251089689&de=839602362108&m=0&ar=8d467bec877-clean&iw=e819503&q=3&cb=0&ym=0&cu=1653251089689&ll=2&lm=0&ln=0&em=0&en=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&bo=dl-file.com&bd=dl-file.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=networknjsvideoprimis955595622941&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A696%3A696%3A1741%3A695&fs=198321&na=1656891862&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:49 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=https%3A%2F%2Fdl-file.com%2F%2Fg6zkpczghqdr%2F-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=8&g=0&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=42&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A696%3A696%3A1741%3A695&as=0&ag=5&an=0&gf=5&gg=0&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=5&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=9&cd=0&ah=9&am=0&dq=9&dr=0&ds=9&dt=0&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=585537359&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:49 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=8&g=1&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=44&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A696%3A696%3A1741%3A695&as=0&ag=5&an=5&gf=5&gg=5&ez=1&aj=1&pg=100&pf=100&ib=1&cc=0&bw=5&bx=5&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=9&cd=9&ah=9&am=9&dq=9&dr=9&ds=9&dt=9&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=572267910&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:49 GMT
img
ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/ Frame 4028
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=0bc6ff3c6675c9d84ab49e43a37180e72fe1de0058abb2be2d8fb3703bd5d776&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf488b8cea7b...
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=42&gdpr=0&tpuid=257778268428343628
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=42&gdpr=0&tpuid=257778268428343628
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
server
nginx
location
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?tpid=42&gdpr=0&tpuid=257778268428343628
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4028
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=af93f6ef-f16d-4099-b899-77901b9bf8e0&gdpr=0
49 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=af93f6ef-f16d-4099-b899-77901b9bf8e0&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:49 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=af93f6ef-f16d-4099-b899-77901b9bf8e0&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1105249
content-length
0
expires
Sun, 22 May 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4028
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=10ddedfcdc15101169fa819a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
49 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 22 May 2022 20:24:50 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:49 GMT
img
ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/ Frame 4028
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295...
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&gdpr=0&tpuid=CAESEBLz9tiJmWrfXgir8vu5aS8...
49 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&gdpr=0&tpuid=CAESEBLz9tiJmWrfXgir8vu5aS8&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/img?uid=2667f2b6fabc683e51c3a9be963ee95c263bebe6e5eb529ca0ad348ce553cba9&tpid=38&gdpr=0&tpuid=CAESEBLz9tiJmWrfXgir8vu5aS8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame D7F3 		95 B
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/png
date
Sun, 22 May 2022 20:24:50 GMT
server
nginx/1.14.2
events
api.permutive.com/v2.0/batch/ 		301 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c3e2413eab4e700ddaff711c14bf15ad5615daa34aebcf16c99a6096b95a4ede

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:50 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://dl-file.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
js
ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/ Frame 4028
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=ed70a22222759df36cfdc10230f640b85a4285b742a3d6edb7eaa4e134f2e855&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad394ddf48...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=ed70a22222759df36cfdc10230f640b85a4285b742a3d6edb7eaa4e134f2e855&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F295fad39...
  • https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/js?tpid=48&tpuid=010993b64b2117f90b442d53523469f5
44 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/js?tpid=48&tpuid=010993b64b2117f90b442d53523469f5
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de8fae08c5501b21d8d32a480e1b209c10a2def05cbf65db773d3af28c65a32c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/295fad394ddf488b8cea7be91bd7ae43/1653251088710/0/js?tpid=48&tpuid=010993b64b2117f90b442d53523469f5
date
Sun, 22 May 2022 20:24:51 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=1218&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A696%3A696%3A1741%3A695&as=1&ag=1191&an=5&gi=1&gf=1191&gg=5&ez=1&kw=994&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1191&bx=5&jz=994&dj=1&dx=1&aa=1&ad=1098&cn=0&gn=1&gk=1098&gl=0&cp=994&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=994&cd=9&ah=994&am=9&dq=994&dr=9&ds=994&dt=9&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=26&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=16&eb=1&ec=5699&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=790823706&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:50 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=1220&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A696%3A696%3A1741%3A695&as=1&ag=1191&an=1191&gi=1&gf=1191&gg=1191&ez=1&kw=994&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1191&bx=1191&jz=994&dj=1&dx=1&aa=1&ad=1098&cn=1098&gn=1&gk=1098&gl=1098&cp=994&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=994&cd=994&ah=994&am=994&dq=994&dr=994&ds=994&dt=994&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=26&vt=26&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=16&eb=1&ec=5699&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=899661094&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:50 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=false&k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 20:24:51 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
liveMatching.php
live.primis.tech/live/ Frame FDC3 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D32325F32337D7B7331373037383430307D7B4333317D7B535A4777745A6D6C735A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B7251554A554943386761576C785257356F5957356A5A5642795A574A705A434176494449674C79426B5A575A68645778307D7B4C31323636337DFEFE&userIpAddr=149.56.153.189&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&debugInformation=ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&kv_enc_1=url%3D%252Fg6zkpczghqdr%252FBanks_2012_Chevy131217.rar&isWePassGdpr=1&schain=1.0%2C1%21network-n.com%2Cpa_f06496e7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=628a9c0de2bb2&debugInfo=17078400_ABT+%2F+iiqEnhancePrebid+%2F+2+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17078400&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cafjgvulrox&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=90&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.4995&geoLong=-73.5848&vpTemplate=12663&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=dl-file.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=77604859-ffe0-4bc9-9ccd-67044cad2410
Requested by
Host: 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
URL: https://00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app/00917082-71e9-498e-8343-00c3df06b798-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://dl-file.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
content-encoding
gzip
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
via
1.1 google
/
de.tynt.com/deb/ Frame 55DC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
8dcd1d39023c2158247a90fd84a032772eb47de07bd58eea319fab32c8ce1fa8

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1526
content-type
text/html
date
Sun, 22 May 2022 20:24:50 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 22 May 2022 20:24:51 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8340000A
sium
ih.adscale.de/ Frame 4028 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.213.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-213-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Sun, 22 May 2022 20:24:51 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
usync.html
eus.rubiconproject.com/ Frame 2A28
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:51 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 22 May 2022 20:24:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
u.4dex.io/ Frame 55DC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1653251091502.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=2105641270534
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=2105641270534
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=2105641270534
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 55DC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a94216a6-1ccb-538e-987b-cc1dfaf1500e&ssp=the33across&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:52 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
date
Sun, 22 May 2022 20:24:52 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 55DC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1653251091502.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 22 May 2022 20:24:51 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=afb5628a-9c0e-4600-94cb-309c0e1eca58
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 20:24:50 GMT
match
events-ssc.33across.com/ Frame 55DC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg%7EA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg%7EA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:50 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yEngHIpE2uFGhrZhLNYfX2J5De0bPAOg%7EA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 55DC
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=d60785771c1121c&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGbw-uxmTMRwNaOgVJAAAAAAA&expiration=1653337491&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGbw-uxmTMRwNaOgVJAAAAAAA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGbw-uxmTMRwNaOgVJAAAAAAA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGbw-uxmTMRwNaOgVJAAAAAAA&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 55DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1655843091%26external_user_id%3De7d976ba-c653-41a4-983d-9d0c2b298e72
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1655843091&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1655843091&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1655843091&external_user_id=e7d976ba-c653-41a4-983d-9d0c2b298e72
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 2A28 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b513f20f35c4a08a1922a5476b764b7ef88ed1358fd082fb1dc609c0d901337e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 17:10:31 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13300
content-type
text/html; charset=UTF-8
content-length
9448
expires
Mon, 23 May 2022 00:06:31 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTEmJaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE3MDt4Mmp1Jat9NDAjJax9MwI1Jz1mqGE9MTpjNmt0MDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow1xoC1znWkyLzNioSZmqWJJZD1xoC1znWkyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMGycpUVhnGFhY2VQpzVvnWQyMwAyMxYyMwAlJTIjJTJGJTIjZGVzYXVfqCZcp0FjpD0jJaZcZF9uqGx9ZGjgZzyfZS1JoaN0pzVuoS1Oo3ZuLUNipzUkLTYkZGVvMwEkZGM0YwtzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJaJ2ow0kMwE1MCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA5MTU5OSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
match
events-ssc.33across.com/ Frame 2A28
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=L3HR0EPW-1N-ILOC
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L3HR0EPW-1N-ILOC&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3HR0EPW-1N-ILOC&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3HR0EPW-1N-ILOC&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3HR0EPW-1N-ILOC&ts=1653251091&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F57B 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswyO3wJUfui20DjG5LLhN8eePx_a1CKujTr78IR8Bjoo3nFEoKt0Um7UlYXjx-wluta1OJCOdJDu5f7TsF6LgwTUbXvfshBLkvQS8rPdmZwunYf7Qo&sig=Cg0ArKJSzJH0SYCQ6GV9EAE&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D885,1200,1110,1600%26tos%3D2030,0,0,0,0%26mtos%3D2030,2030,2030,2030,2030%26amtos%3D0,0,0,0,0%26mcvt%3D2030%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2251%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D424%26pst%3D422%26dur%3D30093%26vmtime%3D2200%26dtos%3D2030%26dtoss%3D1%26dvs%3D2030%26dfvs%3D2030%26dvpt%3D2233%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1142%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D349581859%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26pnmm%3D1653251087504%26ptlt%3D1653251091799%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2030&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1653251088898
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=2226&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A696%3A696%3A1741%3A695&as=1&ag=2199&an=1191&gi=1&gf=2199&gg=1191&ez=1&ck=2199&kw=994&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2199&bx=1191&ci=2199&jz=994&dj=1&dx=1&undefined=1&aa=1&ad=2106&cn=1098&gn=1&gk=2106&gl=1098&co=2106&cp=994&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2003&cd=994&ah=2003&am=994&dq=2003&dr=994&ds=2003&dt=994&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=26&vt=48&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=16&eb=1&ec=5699&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=34549331&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:51 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=2236&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A696%3A696%3A1741%3A695&as=1&ag=2199&an=2199&gi=1&gf=2199&gg=2199&ez=1&ck=2199&kw=994&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2199&bx=2199&ci=2199&jz=994&dj=1&dx=1&undefined=1&aa=1&ad=2106&cn=2106&gn=1&gk=2106&gl=2106&co=2106&cp=994&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2003&cd=2003&ah=2003&am=2003&dq=2003&dr=2003&ds=2003&dt=2003&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=48&vt=48&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=16&eb=1&ec=5699&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=2044858025&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:51 GMT
sync
ssbsync.smartadserver.com/api/ Frame ED97 		760 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
0b9ea8fbfcaabd130c99cbdffacddb9d34805a29c69a5a35ad08869ce53d5ee2

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
760
content-type
text/html
date
Sun, 22 May 2022 20:24:51 GMT
setuid
u.4dex.io/ Frame ED97 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=7226180436008749240&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame ED97
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=480adcd8-cfaa-4339-b3a0-ff999f424de2&gdpr_consent=null&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=480adcd8-cfaa-4339-b3a0-ff999f424de2&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=480adcd8-cfaa-4339-b3a0-ff999f424de2&gdpr_consent=null&gdpr=0
date
Sun, 22 May 2022 20:24:52 GMT
server
_
content-length
0
711890.gif
id.rlcdn.com/ Frame ED97 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 20:24:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame ED97
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=1Ys4HoGgsBHvDXk05p-c
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=1Ys4HoGgsBHvDXk05p-c
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:51 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:52 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=1Ys4HoGgsBHvDXk05p-c
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame ED97
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1653251092529
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:52 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 20:24:52 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
chunklist_480.m3u8
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		443 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
8044ef044c627efdcb2b8abd8f94056b501ecd254d0cdd262bf1b5076a9f10da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
x-amz-cf-pop
EWR53-C1
etag
"0fb35a47878d7235408954732a2bb2e0"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
expires
Mon, 23 May 2022 20:24:53 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
443
x-amz-cf-id
3Q5iA7yl9C8xWdvwcPRVLDFw7ED9gnwWAFfcUaCrHPZ6_xJNN6VBmA==
x-proxy-cache
HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE41 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131334
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 20:24:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 24 May 2022 08:53:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
w_480_00000.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		351 KB
352 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
787702cb56b827ddb06f8441b9d8d2522f47ebda8b895de693165ce3dd1fecdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 85331abd84b5669394785900a34f7b14.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C1
content-length
359456
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"8641b59bc6191ee0a30ef121e11a99ce"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
fkUKiA9kzRsiWG-6MWyQuzNhr2vEZM3hp538lsS8JCVmVXSJy6Q-9Q==
expires
Mon, 23 May 2022 20:24:53 GMT
eaf14e7e-959f-4f1c-92ac-7cd4dbf84da3
https://dl-file.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dl-file.com/eaf14e7e-959f-4f1c-92ac-7cd4dbf84da3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		340 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
6d03e9f1314b2a3c47820f388e478967fb548ba11ee1be1d518da34c8987a2e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
content-length
347800
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"679464b985744a985a24b298dc48756c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Z0TkirD_fT7ie0DXkdM64kdXeRtT30SpWWkspvyTdmiGhrax8ERjZg==
expires
Mon, 23 May 2022 20:24:53 GMT
w_480_00002.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		445 KB
446 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
e06844a840084101cffc8d6e89d2736f3c0920f8fdd7999b10aeb92539374b58

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 417930423b3ebe9eb0eaaf9d794d54e4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1
content-length
455336
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"94943d4d8f649d68a70df644197ec74d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
9vRUhIwkdKx9GcXyMNxRd6Y4hj-L5SDGYwRGtXFfD4l6LEFT_-2Ylw==
expires
Mon, 23 May 2022 20:24:53 GMT
w_480_00003.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		465 KB
466 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
5d036c6b6e38a627f8ce276de12a42075bef89a668c2e029bb8ca982680a63d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
content-length
475828
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"3a128d8da18b940d178cb02e9bc8746d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
zUzErnlONHPH8dXEumG_-GSlMRLMdwQQYLa_eZJDvHtSSflLj1kLqw==
expires
Mon, 23 May 2022 20:24:53 GMT
w_480_00004.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		496 KB
497 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
a757361cd33437a1a35f988c3871efbcdc3c6a11aceb203365bf932c5424ace8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:53 GMT
via
1.1 be84d08eeed51234cd122d3c30e6f7c0.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C1
content-length
508352
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"75303073411d16644239fc4b833cca14"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ba9qLThWXgekvxLaDAg0y6fT8z1HGb1Sv6vFlvy_a2OlqtoVpwK41Q==
expires
Mon, 23 May 2022 20:24:53 GMT
w_480_00005.ts
video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/ 		498 KB
499 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn21/video/users/hls/28588/video_609bae6a84e18530638482/vid627259e8bdcb7894907578.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.244.49.55 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Tengine /
Resource Hash
54b2785b9d5f1f17cb6dd00823c3e6c1a006b4adfdc0c0127703d2ce05979d59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:24:54 GMT
via
1.1 61e47cd082bb04a8fb8ae61dd54f6b32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1
content-length
510044
last-modified
Wed, 04 May 2022 10:51:02 GMT
server
Tengine
etag
"02bdb9ae0947c8ce842730ed9b2af99e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
2jV9c8wWNcFhpg1ijgyIAuv_9SMYk1UsUuzaxjVMVF_g42e_97sv5Q==
expires
Mon, 23 May 2022 20:24:54 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5NmQkJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA5NDM5MvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:54 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
setuid
mp.4dex.io/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=5ce8dca1-f37b-4774-91f6-cad51b77f2f5
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adagio&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&google_hm=ODgzMTA2ZTctY2MzZC00MzQ5LThjYTItZWI5ZTBmMWIwZjA1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMIpmmWjbftW2o-bzGBuyeo&google_cver=1&ssp=adagio&bsw_param=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&us_privacy=
0
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp.4dex.io/setuid?bidder=bidswitch&uid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
70f8472d0c6a4bbe-YUL
content-length
0
expires
0

Redirect headers

Location
//mp.4dex.io/setuid?bidder=bidswitch&uid=883106e7-cc3d-4349-8ca2-eb9e0f1b0f05&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 22 May 2022 20:24:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY1MmI1MTA4NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5NmQkJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPWRfLWZcoGUhY29gJaN1YxyxPWRfLWZcoGUhY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjnWykRW5bYW5wZVBlZWJcZCUlMCUlRvUlMDIyMwAyMxYyMwBxZWZuqWk0JzymQXBjPTAzqXNypxyjQWRxpw0kNDxhNTYhMTUmLwE4OSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDEhMC40OTUkLwY0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwuuOWMjZGUlYzIlJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MmI1MTA5NDUjNvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwuuOWMjZTEkNmqwJaB1YyVloD1bqHRjplUmQSUlRvUlRzRfLWZcoGUhY29gJTJGZmZ6n3BwrzqbpWRlJTJGQzFhn3NsMwAkMy9DnGV2rTEmMTIkNl5lYXIhnHRgoCZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.128.64.70 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:53 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&vz=-&zp=3&zq=1.0&sgs=2&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=NETWORKNJSVIDEOPRIMIS1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-154pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDAIIfSUMgwAz1y1Vrr0xUE%3D&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=885&zGSRC=1&gu=https%3A%2F%2Fdl-file.com%2Fg6zkpczghqdr%2FBanks_2012_Chevy131217.rar.html&id=1&ii=4&f=0&j=&t=1653251089689&de=839602362108&cu=1653251089689&m=5048&ar=8d467bec877-clean&iw=e819503&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=885&lb=3649&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A696%3A696%3A1741%3A695&as=1&ag=5021&an=2199&gi=1&gf=5021&gg=2199&ez=1&ck=2199&kw=994&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=5021&bx=2199&ci=2199&jz=994&dj=1&dx=1&undefined=1&aa=1&ad=4928&cn=2106&gn=1&gk=4928&gl=2106&co=2106&cp=994&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5025&cd=2003&ah=5025&am=2003&dq=5025&dr=2003&ds=5025&dt=2003&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=48&vt=55&vd=0&zMoatSRE=0.046875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=16&eb=1&ec=5699&ek=1&ef=1&rf=0&re=0&cl=0&at=0&d=%3ANetworkN_DL-File_Core_Through_GAM%3A%3A138391940715&bo=dl-file.com&bd=dl-file.com&gw=networknjsvideoprimis955595622941&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198321&na=572293783&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dl-file.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 20:24:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 22 May 2022 20:24:54 GMT
/
onetag-sys.com/usync/ Frame 1943 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: dl-file.com
URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://dl-file.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1190626119%26pcid%3D%5BRX_UUID%5D
Domain
amli.sekindo.com
URL
https://amli.sekindo.com/ups.analytics.yahoo.com/ups/58627/occ
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/intentiq/0?zcc=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D409511336%26pcid%3D%5BRX_UUID%5D&cb=1653251088893
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1310

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _Hasync function| setPagination object| Criteo number| bgcount function| changebg function| openNav function| closeNav object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_123 object| Criteo_123 function| chfh function| chfh2 string| _HST_cntval object| Histats object| gaplugins object| gaGlobal object| gaData object| nnads object| AdSlots object| _HistatsCounterGraphics_0_setValues object| recaptcha object| a object| cv object| Tynt object| _dtspv object| lotame_3825 number| char object| __connect object| _33Across function| __uspapi function| __tcfapi object| googletag boolean| enableSingleRequest function| generateAdSlot function| refreshAdSlots function| destroyAdSlots function| excludeAdSlots function| getAdSlotsInView function| getEmptyAdSlots function| getSlots object| pbjs function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_fa function| lt3825_ga function| lt3825_ha object| lt3825_ object| lt3825_6 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_e function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_ja function| lt3825_ia function| lt3825_k function| lt3825_l function| lt3825_ka function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_oa function| lt3825_la function| lt3825_ma function| lt3825_s function| lt3825_na function| lt3825_t function| lt3825_u function| lt3825_v function| lt3825_r function| lt3825_w function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_pa function| lt3825_A function| lt3825_B function| lt3825_qa function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_ra function| lt3825_G function| lt3825_H function| lt3825_F function| lt3825_sa function| lt3825_I function| lt3825_J function| lt3825_ta function| lt3825_ua function| lt3825_K function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_Ba function| lt3825_ya function| lt3825_za function| lt3825_Aa function| lt3825_Ca function| lt3825_Ea function| lt3825_Da function| lt3825_L function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_M function| lt3825_N function| lt3825_O function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_2 function| lt3825_Oa function| lt3825_Qa function| lt3825_Pa function| lt3825_3 function| lt3825_Ra function| lt3825_1 function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_4 function| lt3825_5 function| lt3825_Ya function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_7 function| lt3825_8 function| lt3825_8a function| lt3825_9a function| lt3825_7a function| lt3825_6a function| lt3825_ab function| lt3825_$a function| lt3825_cb function| lt3825_bb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_nb function| lt3825_mb function| lt3825_jb function| lt3825_qb function| lt3825_lb function| lt3825_ob function| lt3825_sb function| lt3825_rb function| lt3825_tb function| lt3825_pb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_9 function| lt3825_xb function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_Bb function| lt3825_$ function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Gb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Hb object| refreshAds function| refreshAdsClass function| refreshLabels function| refreshBids function| refreshAllBids function| primisTriggerSPATag object| ggeac object| google_js_reporting_queue undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_83218197 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadednetworknheader13924283968 object| moatPrebidApi undefined| google_measure_js_timing function| pbjsChunk object| _pbjsGlobals object| ADAGIO object| __underground object| _sp_queue object| _sp_ object| permutive object| apstag function| bfaDestroy object| AdEvents object| _sp_wp_jsonp boolean| apstagLOADED object| __bt_tag_d object| __bt_intrnl object| regeneratorRuntime object| pbstck object| pbstckQ object| Pubstack boolean| moatYieldReady object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent898 object| sas object| apntag object| _ADAGIO boolean| sekindoFlowingPlayerOn object| freewheelssp_cache object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms number| google_global_correlator object| ampInaboxIframes object| ampInaboxPendingMessages object| ONFOCUS object| closure_lm_324129 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests undefined| GLOBAL_VAR

278 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQ9L_G644wCgoIgQIQ9L_G644wCgoI4gEQtsjG644wCgoI5gEQ9L_G644wCgoIhwIQ9L_G644wCgkICRD0v8brjjAKCQhJELbIxuuOMAoJCAsQ9L_G644wCgoIjAIQ9L_G644wCgoIzgEQtsjG644wCgoIjgEQtsjG644wCgoIkQIQ9L_G644wCgoIkgIQtsjG644wCgoIlAIQtsjG644wCgoI1gEQtsjG644wCgkIORC2yMbrjjAKCQg6EPS_xuuOMAoJCBsQtsjG644wCgkIXxD0v8brjjAKCQgfELbIxuuOMA==
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQrBI
.dl-file.com/ Name: lang
Value: english
dl-file.com/ Name: _gvst
Value: 2
dl-file.com/ Name: HstCfa4533243
Value: 1653251084819
dl-file.com/ Name: HstCla4533243
Value: 1653251084819
dl-file.com/ Name: HstCmu4533243
Value: 1653251084819
dl-file.com/ Name: HstPn4533243
Value: 1
dl-file.com/ Name: HstPt4533243
Value: 1
dl-file.com/ Name: HstCnv4533243
Value: 1
dl-file.com/ Name: HstCns4533243
Value: 1
.dl-file.com/ Name: _ga
Value: GA1.2.1924886024.1653251085
.dl-file.com/ Name: _gid
Value: GA1.2.1702677332.1653251085
.dl-file.com/ Name: _gat_gtag_UA_75596034_1
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1653251084
.dtscout.com/ Name: l
Value: 6D001653251084643A347CED243E8EEA
.dl-file.com/ Name: __dtsu
Value: 6D001653251084643A347CED243E8EEA
.onaudience.com/ Name: cookie
Value: e2cfb17ec86d9fa1
.onaudience.com/ Name: done_redirects109
Value: 1
.dtscdn.com/ Name: uid
Value: 6D001653251084643A347CED243E8EEA
.sharethis.com/ Name: __stid
Value: ZHsAAWKKnA0AAAAIEr7SAw==
.sharethis.com/ Name: __stidv
Value: 2
.tynt.com/ Name: uid
Value: CoIKS2KKnA0CWX01BXF4Ag==
dl-file.com/ Name: geo-store-location
Value: {"countryCode":"MY","stateProvCode":"06","stateProv":"Pahang","isEuMember":false,"version":"1.0"}
.tapad.com/ Name: TapAd_TS
Value: 1653251085347
.tapad.com/ Name: TapAd_DID
Value: 41c84834-87df-4e67-95cb-1060735f6550
.33across.com/ Name: 33x_ps
Value: u%3D2105641270534%3As1%3D1653251085411%3Ats%3D1653251085411
.go.affec.tv/ Name: ck
Value: 628a9c0dd6bfb40001b82880
.go.affec.tv/ Name: oo
Value: 1
.eyeota.net/ Name: mako_uid
Value: 180ed719480-1e60000010a41c0
.eyeota.net/ Name: SERVERID
Value: 16832~DM
.adsrvr.org/ Name: TDID
Value: e7d976ba-c653-41a4-983d-9d0c2b298e72
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL999tziZJ6eB1l
.lijit.com/ Name: ljt_reader
Value: Er1IbSZHEQFzpIZfRt6_Z4U8
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY1MzI1MTA4NSwiaWQiOiIxMjA4MzUxODQ4Nzk1NDcxNTU3IiwibHMiOjE2NTMyNTEwODV9LCJ0dCI6eyJkdCI6MTY1MzI1MTA4NSwiaWQiOiJDb0lLUzJLS25BMENXWDAxQlhGNEFnPT0iLCJscyI6MTY1MzI1MTA4NX0sInYiOjB9|1653251085|a06a5c62028afd23243190521a38b04e03afba38
.adnxs.com/ Name: uuid2
Value: 6542586661939034833
.doubleclick.net/ Name: IDE
Value: AHWqTUm6KbQwzbpLpTAzWgj8-b-G4RaEmmQWFiTgT-ELTd0h3o4Myjx2OHHdIocTkLs
.krxd.net/ Name: _kuid_
Value: O2mv5D1O
.criteo.com/ Name: uid
Value: af93f6ef-f16d-4099-b899-77901b9bf8e0
.dl-file.com/ Name: ccpaUUID
Value: 4527cd48-9911-4fde-87d2-eee71061c426
.dl-file.com/ Name: dnsDisplayed
Value: false
.dl-file.com/ Name: ccpaApplies
Value: false
.dl-file.com/ Name: signedLspa
Value: false
dl-file.com/ Name: consentUUID
Value: a4efb0d5-1b38-4b62-84f9-ecc02091bac3
.dl-file.com/ Name: permutive-id
Value: 55345293-dbc9-4934-b2ee-d44c5173723d
.primis.tech/ Name: csuuid
Value: 628a9c0de2bb2
.intentiq.com/ Name: IQver
Value: 1.9
.adsymptotic.com/ Name: U
Value: 6b09ca46c738626abd3a92773d5eb822
.liadm.com/ Name: lidid
Value: bf65d637-0090-4d62-b6b8-3c6d7ab2ec33
.simpli.fi/ Name: suid
Value: 598588BF699A41FFBCD52BD1BAC4F1E6
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 320ccd6ee26dd0ed1d01c6b9194fb816
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDYySE5OMUtNNTJLSTFITTFMMTBMNkuyNLQ0SUuyMDRjAIKkrjl8IBoC%2BDbP26fF%2BFGW4T8jI8OTFx91YexNfwphzGeL57DA2OeOHmKGsdtfNujB2N83ToGr2b3vsgBM%2FEPDfTj7MJI5q9c%2F5YapmXxCHcZ8twRhVS9CGABwtkYY"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI6prDB6QggJmBgWsGmLmoFUQyPqwHkgBVIwTE"
.dl-file.com/ Name: _cc_id
Value: 320ccd6ee26dd0ed1d01c6b9194fb816
.dl-file.com/ Name: _cc_cc
Value: ACZ4XmNQMDYySE5OMUtNNTJLSTFITTFMMTBMNkuyNLQ0SUuyMDRjAIKkrjl8IBoC%2BDbP26fF%2BFGW4T8jI8OTFx91YexNfwphzGeL57DA2OeOHmKGsdtfNujB2N83ToGr2b3vsgBM%2FEPDfTj7MJI5q9c%2F5YapmXxCHcZ8twRhVS9CGABwtkYY
.dl-file.com/ Name: _cc_aud
Value: ABR4XmNgYGBI6prDB6QggJmBgWsGmLmoFUQyPqwHkgBVIwTE
.dl-file.com/ Name: panoramaId_expiry
Value: 1653855886015
.dl-file.com/ Name: panoramaId
Value: 5d9aa80c509729575341e812e64816d53938278cc58d7eb944428a2165db6f26
.lijit.com/ Name: _ljtrtb_5014
Value: 6b09ca46c738626abd3a92773d5eb822
.lijit.com/ Name: _ljtrtb_2
Value: 598588BF699A41FFBCD52BD1BAC4F1E6
.bidswitch.net/ Name: tuuid
Value: 883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
.bidswitch.net/ Name: c
Value: 1653251086
.bidswitch.net/ Name: tuuid_lu
Value: 1653251086
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1653251086157
.ml314.com/ Name: pi
Value: 3627391049667706902
.yahoo.com/ Name: A3
Value: d=AQABBA6cimICEHyfteKRa8egdZQ2qQgQh6YFEgEBAQHti2KUYgAAAAAA_eMAAA&S=AQAAAn1wsz7HviOko251uCkmSIA
.intentiq.com/ Name: intentIQ
Value: osN6k4D2kJ
.exelator.com/ Name: EE
Value: "666f36a08e6fa27eb148bf1955312025"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHMzCzN2CzRwCLVLC3RyDw1ydDEIinN0NLU1NjQyMDIdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAcEl%252BUWb6ImfHxUUpaQyLSopPBR8o2wkAdmIp6w%253D%253D"
.intentiq.com/ Name: intentIQCDate
Value: 1653251086286
.rlcdn.com/ Name: pxrc
Value: CI64qpQGEgUI204QAA==
.amazon-adsystem.com/ Name: ad-id
Value: A5V4y2hlhEjUl-50S5dPmT4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: i
Value: c4182a8b-751e-4eee-b7ee-0d14d166d431|1653251086
.spotxchange.com/ Name: audience
Value: 38d217dd-da0d-11ec-8eb3-1d3b083c0303
.rqtrk.eu/ Name: browser_id
Value: 1:04b590fc-695f-4080-8945-a7385db03741
.quantserve.com/ Name: mc
Value: 628a9c0e-811a7-63115-af4f9
.casalemedia.com/ Name: CMID
Value: YoqcDqa9EIQ3upvl3ZMnoAAA
.casalemedia.com/ Name: CMPS
Value: 471
dl-file.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.3lift.com/ Name: tluid
Value: 381419749697304055279
.surveywall-api.survata.com/ Name: svResp
Value: a6f51a11-a94a-6492-c927-768e63be88f8
.tremorhub.com/ Name: tvid
Value: 53a3185e737c4fb7ab973d665b5feed4
.truoptik.com/ Name: to_master_s
Value: c9b3e80032df4401a9d603ec557bf06a
.truoptik.com/ Name: to_version_s
Value: b2
.adstanding.com/ Name: _adstanding_id
Value: aa24cbad3edd9d07de7536ed62dcb932
.agkn.com/ Name: ab
Value: 0001%3Algm6GLqsC9dulmUEIXPALptwj7gbHD7B
.media.net/ Name: visitor-id
Value: 2962526861455797000V10
.media.net/ Name: data-pri
Value: 628a9c0de2bb2~~34
.videohub.tv/ Name: UIXX_UPDT
Value: "UILO=1653251086624"
.videohub.tv/ Name: uid
Value: CI-989b7e35b2ac3e85bb0e16f979d93d2f
.mathtag.com/ Name: uuid
Value: afb5628a-9c0e-4600-94cb-309c0e1eca58
.c.cintnetworks.com/ Name: TiPMix
Value: 9.73293126282827
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.adgrx.com/ Name: ADGRX_UID
Value: 38f5cf0e-da0d-11ec-a242-f3edface7b2c
.casalemedia.com/ Name: CMPRO
Value: 128
.sitescout.com/ Name: ssi
Value: af2914d0-b819-4bb9-81b4-7ae2b538da5f#1653251086701
.tremorhub.com/ Name: tvssa
Value: 1653251086711
.rubiconproject.com/ Name: khaos
Value: L3HR0EPW-1N-ILOC
.adgrx.com/ Name: ADGRX_CM_LOTAME_BRIDGED
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YoqcDgADRCjODwAj
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3428-2!3428
.intentiq.com/ Name: IQMediaNetCookieSync
Value: 1653251086768
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1653251086813
.intentiq.com/ Name: IQBidswitchPrimisCookieSync
Value: 1653251086816
.intentiq.com/ Name: IQRubiconCookieSync
Value: 1653251086817
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1653251086817
.zemanta.com/ Name: zuid
Value: 1Ys4HoGgsBHvDXk05p-c
.smaato.net/ Name: SCM
Value: 7033f0a3
.smaato.net/ Name: SCMaps
Value: 7033f0a3
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: n2lhgsuvcfpx25bp4flznvo5
.gumgum.com/ Name: vst
Value: u_c0ff111c-3347-493a-87ac-6fe27d4a00f7
.contextweb.com/ Name: V
Value: FTsOektZjWnj
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 703d1c0bae0d049e
.sharethrough.com/ Name: stx_user_id
Value: 00f5a4c2-8e7a-4507-ab2b-29856e0b6d7a
.yieldmo.com/ Name: yieldmo_id
Value: g446a9ba13a782515297%7C1653251086871%7C0%7C
.demdex.net/ Name: demdex
Value: 87599100878721057212117953507650655141
.smartadserver.com/ Name: pid
Value: 7226180436008749240
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.bidr.io/ Name: bito
Value: AAC6uk7FFTgAACrN1omqBg
.bidr.io/ Name: bitoIsSecure
Value: ok
.turn.com/ Name: uid
Value: 2740194895956978880
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 87599100878721057212117953507650655141
.pubmatic.com/ Name: SyncRTB3
Value: 1654387200%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0E1359AB-838C-4973-B167-836CD49FAED0
.console.adtarget.com.tr/ Name: vmuid
Value: c4982b3c6a31df6a
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.eqads.com/ Name: EQUser
Value: UID=ffb1dd88-779e-45e3-bfd0-31f6fc593266
.acuityplatform.com/ Name: auid
Value: 671066848977
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQDsuGVaamGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUA7LhlWmo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.intentiq.com/ Name: IQYieldmoCookieSync
Value: 1653251087090
.technoratimedia.com/ Name: tads_uid
Value: AABB9ADACF7E4362BF7ABA6AC7CFC581
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220522162447-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.outbrain.com/ Name: obuid
Value: 7ee7d08a-36a1-43ab-ae81-9bfd167faca9
.deepintent.com/ Name: CDIUSER
Value: di_f6318b90bd7741c0911cd
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-84651ace-b59a-4ff6-5ac7-2d0801649218.TOZnGI0HeZHlNiqxFLmjyS5fY%2FLRWtVvnJMqGxuFOaQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhGUazrWaT_Zaxy0IAWSSGJU4mb0.sLn4W6UPbnlnxKutur0OCtv0ECXxb6HFsghOowHMGek
ads.stickyadstv.com/ Name: UID
Value: 9af8fd9778abb37615ecf8cae54ca25
.ipredictive.com/ Name: cu
Value: 3941db53-da0d-11ec-9787-fd5140d466c9|1653251087169
.emxdgt.com/ Name: uid
Value: 77451653251087190954b2
.creativecdn.com/ Name: ts
Value: 1653251087
.creativecdn.com/ Name: u
Value: cARoN1Zi0F9JT8Xj9Aen
.360yield.com/ Name: tuuid
Value: e2706e76-314b-4c21-be50-680abe016322
.360yield.com/ Name: tuuid_lu
Value: 1653251087
.emxdgt.com/ Name: apn_id
Value: 6542586661939034833
.sitescout.com/ Name: _ssuma
Value: eyI0IjoxNjUzMjUxMDg3MTk3LCIyNyI6MTY1MzI1MTA4NzE5NywiMzkiOjE2NTMyNTEwODcxOTcsIjciOjE2NTMyNTEwODY3NTksIjUzIjoxNjUzMjUxMDg3Mjg0fQ
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: semiiilpqshkzr3dhmodhgo1
.ib.mookie1.com/ Name: ibkukiuno
Value: s=2019c69f-5945-43b0-8a54-e4af35aa357d&h=&v=2842097089&l=-8585483557982229310&op=&hl=0&vlu=3&tcs=1&dcc=-8585483557982229310
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514557=-8585483557982229310
.adform.net/ Name: C
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwC-n-D5BgkEX1f6C3I4nXHLI0MOOEVpCPHGqvy2nmOp5IlTImr2radoQ5QC4TM1
.console.adtarget.com.tr/ Name: a307080
Value: cARoN1Zi0F9JT8Xj9Aen
.ads.yieldmo.com/ Name: ptrpp
Value: FTsOektZjWnj
.ads.yieldmo.com/ Name: ptrt
Value: e7d976ba-c653-41a4-983d-9d0c2b298e72
.ads.yieldmo.com/ Name: ptrstk
Value: hGUazrWaT_Zaxy0IAWSSGJU4mb0
.adform.net/ Name: uid
Value: 257778268428343628
.intentiq.com/ Name: IQCentroCookieSync
Value: 1653251087417
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1dz3|4is.0.CAESEOgP7WaMhQr0uGItTeT4bN0|7TY.0|7TZ.0.1|2N.0.AAAGbf7Vmj-2pAMswu6BAAAAAAA|3oy.0.af2914d0-b819-4bb9-81b4-7ae2b538da5f-628a9c0e-4341|7bq.0.1
.ads.yieldmo.com/ Name: ptrbsw
Value: 883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.socdm.com/ Name: SOC
Value: YoqcD8Co8XgAADv0D44AAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.adscale.de/ Name: uu
Value: 5e6f3911535f43f0861f27ff82c9607d
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1653251087729
.mookie1.com/ Name: id
Value: 10593732964967993940
.mookie1.com/ Name: mdata
Value: 1|10593732964967993940|1653251087727
.mookie1.com/ Name: ov
Value: 22e9fdea3bd0d266e3b10480268341e9
.dl-file.com/ Name: __gads
Value: ID=da106d6ac536abbe:T=1653251087:S=ALNI_MZqs2HS-ZRL6Z9G_1a49D3cbdhX9Q
.dl-file.com/ Name: __gpi
Value: UID=000005e2d48ab72a:T=1653251087:RT=1653251087:S=ALNI_MbzsAney9mFMu60h0QB3vn5-r5o2g
.mfadsrvr.com/ Name: tuuid
Value: 50aae929-4949-402d-be95-e0a3492c1ff4
.mfadsrvr.com/ Name: c
Value: 1653251087
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1653251088012
.mookie1.com/ Name: syncdata_TAP
Value: 1
.ads.yieldmo.com/ Name: ptrz
Value: 1Ys4HoGgsBHvDXk05p-c
.console.adtarget.com.tr/ Name: a307565
Value: 5e6f3911535f43f0861f27ff82c9607d
.c3tag.com/ Name: C3UID-924
Value: 3829086341653251088
.c3tag.com/ Name: C3UID
Value: 3829086341653251088
.mfadsrvr.com/ Name: tuuid_lu
Value: 1653251088
.mfadsrvr.com/ Name: bsw_uid
Value: 883106e7-cc3d-4349-8ca2-eb9e0f1b0f05
.mookie1.com/ Name: syncdata_NEU
Value: 1
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1653251088265
.lijit.com/ Name: ljtrtb
Value: eJwNyrsVwCAIAMBdqFMoAkI60biHn0yRl92Tq%2B8BhBPYlFW9i1mh2LvXxugteqnU4yVwAIdI%2F5QZbA2SlZMKypg7DcOc0%2BZ7KiK8HxEZE7o%3D
.lijit.com/ Name: _ljtrtb_8101
Value: osN6k4D2kJ
ads.stickyadstv.com/ Name: sessionId
Value: 6382b866644c0743c024b68709610
.doubleclick.net/ Name: DSID
Value: NO_DATA
.intentiq.com/ Name: IQSovernCookieSync
Value: 1653251088441
.intentiq.com/ Name: IQadv
Value: 1653251088441
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c31b5347-d4ae-4e4f-8d47-eb0115c5db88"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2387:u=1:x=1:i=1653251088:t=1653337488:v=2:sig=AQEW6L65wJGYJU9Xqd6wyo9Od7qx4XD4"
dl-file.com/ Name: pbjs-unifiedid_last
Value: Sun%2C%2022%20May%202022%2020%3A24%3A48%20GMT
.casalemedia.com/ Name: CMRUM3
Value: 04628a9c0f27602740194895956978880&e6628a9c0e2760&2d628a9c102760CAESEAwGW-nXm2W_q2QhlTf_IKA&28628a9c0f2760ffb1dd88-779e-45e3-bfd0-31f6fc593266&9c628a9c0f276070d87672-d46b-46ef-a42e-6a527caea7db&2e628a9c0f27606542586661939034833&0a628a9c0f2760671066848977&82628a9c0fa8c0&f1628a9c0e05a0&29628a9c0f05a0&03628a9c0f05a0&18628a9c0f276009a5d017-5eaf-4f20-8c99-f6f092fcae3d&ce628a9c0f05a0&49628a9c0f05a0&27628a9c0f2760e7d976ba-c653-41a4-983d-9d0c2b298e72
.fwmrm.net/ Name: _uid
Value: "h8021_7100659355036967084"
.intentiq.com/ Name: IQSpotXPrimisCookieSync
Value: 1653251088633
.linkedin.com/ Name: li_sugr
Value: 5c9075e3-9435-48cf-b048-2b3e8c7caa32
.id5-sync.com/ Name: 3pi
Value:
.media.net/ Name: data-tam
Value: setstatuscode~~35
.media.net/ Name: data-mm
Value: afb5628a-9c0e-4600-94cb-309c0e1eca58~~8
.media.net/ Name: data-ttd
Value: e7d976ba-c653-41a4-983d-9d0c2b298e72~~1
.media.net/ Name: data-g
Value: CAESEKW90RnYL4DmsO2Qf8bdYK4~~8
.media.net/ Name: data-mf
Value: 50aae929-4949-402d-be95-e0a3492c1ff4~~1
.intentiq.com/ Name: IQMediaMathCookieSync
Value: 1653251088851
.intentiq.com/ Name: CSDT
Value: UEQ6MTAxNDRfMCZUNmIzNHhjIzE1MTIwXzAmVDZiMzVIRiMyM18wJlQ2YjM1RTkjMTUwNDhfMCZUNmIzNHNNIzI0XzAmVDZiMzUyZiMxMDEzOV8wJlQ2YjM1N0UjMTUxMTVfMCZUNmIzNUJKIzEwMTQwXzAmVDZiMzVLbCMxNTAzOF8wJlQ2YjM0bkEjMTUxMTlfMCZUNmIzNG54
.intentiq.com/ Name: IQPData
Value: 2503514557#1653251088850#0#1653251086764
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3NDYytDAysTA3NjcwMDI3FuIz1C3LCjAL0_W1LKwMy5TiNTQzNTYyNTSwsLAwNQUAYP6uWzMAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3NDYytDAysTA3NjcwMDI3FuIz1C3LCjAL0_W1LKwMywQAogcgGiQAAAA
.fg8dgt.com/ Name: tuuid
Value: 8b35b8aa-cd3d-4f1d-aaba-83971892ec1a
.fg8dgt.com/ Name: c
Value: 1653251088
.fg8dgt.com/ Name: tuuid_lu
Value: 1653251088
ads.avct.cloud/ Name: uuid
Value: a7b5763f-103c-4a05-bf76-bce22d4435aa
.adingo.jp/ Name: ID
Value: fd455e01d938155cd91fe446f4360585
.media.net/ Name: data-co
Value: AAAGbrS7t6OYsAMJe66fAAAAAAA~~8
.media.net/ Name: data-r1
Value: OPTOUT~~8
.media.net/ Name: data-rk
Value: 979321824873700273~~8
.media.net/ Name: data-c
Value: af93f6ef-f16d-4099-b899-77901b9bf8e0~~1
.media.net/ Name: data-c-ts
Value: 1653251088
.tribalfusion.com/ Name: ANON_ID
Value: amntmIy4ZawEBA9MAJPnib01W7s5pNmuC4T3duV7EOByZaFTuHhkOqreZbZaqFvZaZccYeCyNtpFTdjr1Or048QgUfqpsD
.media.net/ Name: data-bs
Value: 883106e7-cc3d-4349-8ca2-eb9e0f1b0f05~~1
.w55c.net/ Name: wfivefivec
Value: xaBBc4a91NSS895
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 22
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: xaBBc4a91NSS895~~8
.ibillboard.com/ Name: ibbid
Value: BBID-01-03279650892869371-16609464
dl-file.com/ Name: _lr_retry_request
Value: true
dl-file.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMST
Value: YoqcDmKKnBEA
dl-file.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e7d976ba-c653-41a4-983d-9d0c2b298e72%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-22T20%3A24%3A49%22%7D
ads.stickyadstv.com/ Name: uid-bp-36033
Value: h8021_7100659355036967084
ads.stickyadstv.com/ Name: MRM_UID
Value: h8021_7100659355036967084
.adnxs.com/ Name: anj
Value: dTM7k!M40*epbG-ghqdmU(3$'PJ]r##?nG#NW9ThRe4r:[f-zyRnu7%Rt%tcUAh:xE[L4w8zDj%c2chA836oBK0'1P0Kc<2(EfM*geSN(hV!AFD?).eFq:FtEsh1!Cy-Q^G4Q5l?`CC'Oo5vrPs_+N%6lPw:7.(v
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzODE0MTk3NDk2OTczMDQwNTUyNzkiLCJleHBpcmVzIjoiMjAyMi0wOC0yMFQyMDoyNDo0OFoifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzODE0MTk3NDk2OTczMDQwNTUyNzkiLCJleHBpcmVzIjoiMjAyMi0wOC0yMFQyMDoyNDo0OVoifX0sImJpcnRoZGF5IjoiMjAyMi0wNS0yMlQyMDoyNDo0OFoifQ==
.id5-sync.com/ Name: id5
Value: 3d160dad-a20d-4af9-9ec1-46d4ac1a1abd#1653251088612#2
ads.stickyadstv.com/ Name: uid-bp-892
Value: e7d976ba-c653-41a4-983d-9d0c2b298e72
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1653251089!google,1653251088!medianet,1653251088!bidswitch,1653251088
.bing.com/ Name: MUID
Value: 23681401CD806EB6077E05ADCC2A6F02
.c.bing.com/ Name: MR
Value: 0
.dl-file.com/ Name: cto_bundle
Value: XXOFLl9idzczcjA5bWh4WDd6cDQ2ZlJBdWJ3bGNyZkFKanFEaW5CSExVeWZOZEp2bWJTQ3lnUFNmVER0Q1dER1lyYmdtRWhiZDFmeEglMkZyN1Z0TjF3QXJyaWlRemZsUTk1REJWeFUxNVhLdUVmdHhpWVc4MjFFa0p1MHVSSXZrZVZVJTJCcW1kWE9NSHFoRlVNUFJWOVdINiUyRnBkc3clM0QlM0Q
.dl-file.com/ Name: cto_bidid
Value: DnhchV9TQ1N4WTFnS2pKOUpINjhnUmVzSEMydERKWmhhSFJkQVRuSURHSjJxTFRJY1pCTkJqenNzVWhvekdiUTFOT3BZcEhjZzV6djlzZm5yZUQzd05iZTNyUWRIV3hORjM2bVF0QVY4NU50S0tuRSUzRA
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEIYZAPEgPXgf304o6EYYzes
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAC6uk7FFTgAACrN1omqBg
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-bUcPrg9E2oMMDuQnlXpgRv2cARdAzhPBPr95Nb5v~A
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: xaBBc4a91NSS895
.adgrx.com/ Name: ADGRX_CM_FREEWHEEL_BRIDGED
Value: 1
ads.stickyadstv.com/ Name: uid-bp-22945
Value: 38f5cf0e-da0d-11ec-a242-f3edface7b2c
ads.stickyadstv.com/ Name: uid-bp-951
Value: 6542586661939034833
ads.stickyadstv.com/ Name: uid-bp-25746
Value: 3941db53-da0d-11ec-9787-fd5140d466c9
ads.stickyadstv.com/ Name: uid-bp-529
Value: afb5628a-9c0e-4600-94cb-309c0e1eca58
.adscale.de/ Name: cct
Value: 1653251090458
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1653251091287
.m6r.eu/ Name: id
Value: 010993b64b2117f90b442d53523469f5
.ih.adscale.de/ Name: tu
Value: 4#3668801695#48~010993b64b2117f90b442d53523469f5~459236~0~0#101~BBID-01-03279650892869371-16609464~459236~0~0#38~CAESEBLz9tiJmWrfXgir8vu5aS8~459236~0~0#39~afb5628a-9c0e-4600-94cb-309c0e1eca58~459236~0~0#40~af93f6ef-f16d-4099-b899-77901b9bf8e0~459236~0~0#42~257778268428343628~459236~0~0#108~afb5628a-9c0e-4600-94cb-309c0e1eca58~459236~0~0#63~YoqcDqa9EIQ3upvl3ZMnoAAA&128~459236~0~0
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1653251085268%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1653251091502%7D%5D
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjs_6fM5I7eOhAFEhYKB2JsdWVrYWkSCwicsoTZ5I7eOhAFEhUKBmNhc2FsZRILCMKdj9rkjt46EAUSGwoMc2hhcmV0aHJvdWdoEgsI-L-F4uSO3joQBRIWCgdzdng5dDUwEgsIyJrp6OSO3joQBRgBIAEoAjILCLLC9LL7jt46EAU4AVoHZjB2MzVld2AC
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2518:190u~2518"
.dotomi.com/ Name: DotomiTest
Value: d60785771c1121c
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: a94216a6-1ccb-538e-987b-cc1dfaf1500e
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YoqcEwAMOOhnePndDzEtPPWoAb-TlFzeh5_YsQ==
.rubiconproject.com/ Name: audit
Value: 1|SxDDpdz4VY9g/hdZNG/2dIZhn8FZrJDuIM882vZ49H4eECEUBMheij2r16+nqzLBkUy6155qcAMkEa5N2k7U1SEEFoCDRlfY/7aCjgmMzEUgQ+pMuTnIxNlIrFb+AAoVrmeAf3la8RZkUnKUOS0E5Q==
.rlcdn.com/ Name: rlas3
Value: 9T60sBe1uEqFzht638aDqcb4JK/LUjLwBmDuA3+Y68U=
.4dex.io/ Name: uids
Value: eyJ1aWRzIjp7IjMzYWNyb3NzIjp7InVpZCI6IjIxMDU2NDEyNzA1MzQiLCJleHBpcmVzIjoiMjAyMi0wNy0yMVQyMDoyNDo1MS42MjM2NzAyMzZaIn0sImFkYWdpbyI6eyJ1aWQiOiI1Y2U4ZGNhMS1mMzdiLTQ3NzQtOTFmNi1jYWQ1MWI3N2YyZjUiLCJleHBpcmVzIjoiMjAyMi0wNy0yMVQyMDoyNDo0Ni4wOTEzNDk1NzVaIn0sImFwcG5leHVzIjp7InVpZCI6IjY1NDI1ODY2NjE5MzkwMzQ4MzMiLCJleHBpcmVzIjoiMjAyMi0wNy0yMVQyMDoyNDo0Ni44MTgwMzQxOTVaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImUyNzA2ZTc2LTMxNGItNGMyMS1iZTUwLTY4MGFiZTAxNjMyMiIsImV4cGlyZXMiOiIyMDIyLTA3LTIxVDIwOjI0OjQ4LjY5MTQ2ODExMVoifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJZb3FjRHFhOUVJUTN1cHZsM1pNbm9BQUFBSUFBQUFBQiIsImV4cGlyZXMiOiIyMDIyLTA3LTIxVDIwOjI0OjQ5LjUxNDQzMjMwN1oifSwicnViaWNvbiI6eyJ1aWQiOiJMM0hSMEVQVy0xTi1JTE9DIiwiZXhwaXJlcyI6IjIwMjItMDctMjFUMjA6MjQ6NDguNDc0MTAwNzIyWiJ9LCJzbWFydCI6eyJ1aWQiOiI3MjI2MTgwNDM2MDA4NzQ5MjQwIiwiZXhwaXJlcyI6IjIwMjItMDctMjFUMjA6MjQ6NTIuNTU3NDg5ODY0WiJ9fSwiYmRheSI6IjIwMjItMDUtMjJUMjA6MjQ6NDYuMDkwOTEzMjRaIn0=
.smartadserver.com/ Name: csync
Value: 116:1Ys4HoGgsBHvDXk05p-c

18 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://amli.sekindo.com/ups.analytics.yahoo.com/ups/58627/occ
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6542586661939034833&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://stags.bluekai.com/site/23178?id=1Ys4HoGgsBHvDXk05p-c&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GFMXGNCIN5DWO42CJB3EIWDLGA2XALLD&gdpr=0
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1190626119%26pcid%3D%5BRX_UUID%5D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.1rx.io/usersync/intentiq/0?zcc=1&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D259151345%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D409511336%26pcid%3D%5BRX_UUID%5D&cb=1653251088893
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://dl-file.com/g6zkpczghqdr/Banks_2012_Chevy131217.rar.html
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1310' from origin 'https://dl-file.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1310
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=afb5628a-9c0e-4600-94cb-309c0e1eca58&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app
00917082-71e9-498e-8343-00c3df06b798.prmutv.co
33across-match.dotomi.com
924-img.c3tag.com
a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
amli.sekindo.com
ap.lijit.com
api.intentiq.com
api.permutive.com
api.rlcdn.com
audex.userreport.com
b1h.zemanta.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
boot.pbstck.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.cintnetworks.com
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
cc.adingo.jp
cdn.ampproject.org
cdn.jsdelivr.net
cdn.pbstck.com
cdn.permutive.com
cdn.privacy-mgmt.com
cdn.tynt.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.turn.com
data-beacons.s-onetag.com
ddc6955c99f1a882d3ed64b1730df78a.safeframe.googlesyndication.com
de.tynt.com
dis.criteo.com
dl-file.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt-secure.videohub.tv
e.dtscout.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
geoip.network-n.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
imasdk.googleapis.com
intake.pbstck.com
js.adscale.de
kumo.network-n.com
live.primis.tech
loadm.exelator.com
loadus.exelator.com
m.fg8dgt.com
map.go.affec.tv
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
mb.moatads.com
mb9eo.publishers.tremorhub.com
medianet-match.dotomi.com
ml314.com
mp.4dex.io
mug.criteo.com
network-n-com.videoplayerhub.com
odr.mookie1.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
ps.eyeota.net
pubads.g.doubleclick.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.surveywall-api.survata.com
r1---sn-apaapm4g-apae.gvt1.com
redirector.gvt1.com
rtb-csync.smartadserver.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
trc.taboola.com
u.4dex.io
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
video.primis.tech
wt.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
amli.sekindo.com
api.rlcdn.com
sync.1rx.io
sync.inmobi.com
104.128.64.70
104.16.108.154
104.18.98.194
104.19.150.54
104.36.115.98
107.178.246.49
124.146.215.44
13.225.222.69
13.225.223.100
13.225.223.110
13.225.223.111
13.225.223.118
13.225.223.128
13.225.223.18
13.225.223.20
13.225.223.24
13.225.223.43
13.225.223.57
13.225.223.74
132.226.41.106
138.199.40.58
141.95.98.67
142.250.65.226
142.250.80.2
142.250.80.38
144.217.183.17
15.235.42.102
151.101.66.49
158.69.139.226
158.69.139.230
162.55.233.29
172.64.151.83
173.231.178.85
18.204.53.248
18.206.6.38
18.207.82.126
18.215.140.171
18.219.174.164
184.50.205.90
185.167.164.43
185.184.8.90
192.132.33.46
194.213.62.37
198.148.27.139
198.27.80.143
199.127.204.147
199.127.207.188
199.187.193.177
199.187.193.197
199.187.193.199
199.187.193.204
199.244.49.55
199.38.167.128
2001:4998:14:800::1000
206.189.125.55
207.198.113.87
209.54.180.144
23.1.200.83
23.20.2.123
23.217.18.225
23.217.46.172
23.227.137.50
23.227.139.243
23.23.81.221
23.52.161.180
23.52.162.21
23.52.163.40
23.52.167.93
23.88.75.188
23.92.190.69
23.92.190.74
2600:1f18:444a:4680:700d:3b5d:9173:685
2600:1f18:4e9:5a02:ee0e:7d4f:fdcd:65ce
2600:1f18:612b:4232:40ff:2de3:a398:119a
2600:9000:21ec:6000:f:4f64:8940:93a1
2600:9000:21ec:8800:1b:5138:8a40:93a1
2606:4700:10::6816:15d
2606:4700:10::6816:5d
2606:4700:10::ac43:db6
2606:4700:20::681a:78b
2606:4700:20::681a:932
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:4e62
2606:4700:4400::ac40:98f5
2606:4700::6810:5514
2606:4700::6812:272
2606:4700::6812:451
2606:4700::6812:acf
2606:ae80:1451:19::1370
2607:f8b0:4006:809::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2006
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2006
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:61c0:eb61:c438:2f4e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:400d:807::2003
2a00:ba61:0:126::c
2a04:4e42:200::300
3.124.13.195
3.127.213.224
3.134.121.229
3.140.54.152
3.221.62.183
3.225.178.202
34.107.148.139
34.107.254.252
34.111.234.236
34.117.239.71
34.149.40.38
34.196.247.148
34.206.33.80
34.228.204.193
34.229.3.43
34.231.116.207
34.233.85.84
34.236.83.94
34.98.64.218
35.190.60.146
35.190.90.30
35.207.24.140
35.211.141.197
35.211.178.172
35.241.9.51
35.71.131.137
35.84.99.10
37.157.2.234
38.91.45.7
40.71.11.141
44.198.251.190
44.201.217.92
45.55.120.93
46.105.201.240
50.31.142.63
51.222.239.232
51.222.80.231
52.0.204.120
52.116.221.248
52.223.22.214
52.54.42.45
52.70.124.83
54.156.26.12
54.157.59.45
54.163.145.252
54.175.87.114
54.236.139.147
54.87.127.173
54.93.71.13
63.251.28.218
64.202.112.255
64.58.232.179
64.58.232.180
66.180.64.123
67.202.105.21
67.202.105.22
67.202.105.31
67.202.105.32
68.67.160.132
68.67.161.175
69.12.8.74
69.173.151.100
69.90.254.78
70.42.32.223
74.119.119.139
74.119.119.150
74.121.140.14
8.39.36.142
8.43.72.98
96.46.186.57
00b4e8dfc7a79b40b574bf0c0dff13baac44786c8990b694547231ba09eec899
00ba161cf011bda82373321ec6bfcf75317574cfb06b5252b97b8177eeeef45e
0206c8e52782162dac5c192d01296a82c0aa40e89e26bc729417001ee03c44af
025fe09fa93455c5c41393393cce905af3425de2e84143ee14648621ae9cbe86
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
084645bf2a55a68a2e4ed5763cfb6a22272c2f1032c72a29c205287364c9215f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ea8fbfcaabd130c99cbdffacddb9d34805a29c69a5a35ad08869ce53d5ee2
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
11d2d8f2b51fc61218431c0f8443f9a3d283e1058d979ec85c0f2057a8ab43e4
123d0e248ffef9a3257c09efd0a9d90f0d65c29cb609d321b9df31104e433f6a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d9d71d8c07e3b32e6922a03a1d0c0183f6dee780a3229305f3b0f3c4aea4b4
13147e03c7dabc79fe50891b03d2ecf3eec620a3e1c911215096232fad2ead31
13e309b7287306b194fe276a0585fe38dcf39afa349b934b51ef838347ede534
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
163aab8fdd4b7cfa854101763984a802120bf13a82d6f841c33ee9cd201f28c4
1815d6972f651869e5cccbacce9d4346e027e1868b4767fa2945484e5e6e4e6c
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1d407b9d0a019429a722bc9151f7177dc2a6f72324f2d1d1cf8c4532391db935
1db5bfe786e61c9336117b15fc55a8321afe1c2110d6b6d650f0ae67c2755ed5
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4369dd5a2bbb30cd55691f438244c3d40304917a103dc74f77509999fdfeea
2179f3c37347036e6dfd524e274f937e70f55c1f5295ce89f8d343643c85b482
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
24236154857348b359f6c033a502be2479b36e9640e792672dfc220d2b86a2e2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b48b2c378909e72327131bf4ebe436a73011919d1e78e9f372671341e79c9b4
2dee09306e81a201670aede62dc935ba87bd1e6fc34e452a743c853426cb3b77
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e62a0f80dde7d448b2a960240d808dcaf23cef8743856677b21edd8d7189094
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f966062c4b3c885f3ffc07dd1ec451fcfb01892cab5cb26755911ff89b70ca6
2fcc12280ed25e886e65c558b07b8435c7037ac5d1fc93be4b79248b48144301
3103a4abbfa0eadf4c29e5411fb2a7ddd2b4764bf272c5c4fcfa3ea3eb63cdd6
31e84cf04f39b074de1f3006cf30da71c1b9d73d17ced371e1729f5ddec30cbb
3233f31f98423137c29af23d3a9a5c8ec05595559cc3493008fdf74e60f483a2
328f0c0c3796eb0363f7a6f33f3da15031dd593714519a6b58c80e5a27dde0cc
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
359c40ccb309e9c171d7bd7848dcbaab24ae5d5b93860b08184b1f1f7e3d2e33
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
35e61f17867ed010340868c9820d5ac28eabe62a5b40f299cacb418b2104c8c7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3729f3da6b6b376b9d7f1d598260bb6a9446ac614941d52c315cda862b065915
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38eba31327475bf6d3b177561a8a2a5cadfa16ed7efab885684acafdb0bd0bfe
39344869b917bfc4563213f63c4e19b9b2b0d2a12145fb8d0dd71df783507a92
3a6a563466752e1144c985d98e5134b282e4a1bd8f5f4e133a7f42b75b6e38bf
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b92fd57682bb7613f88077272e0020c5f2cdf808b7e6f39e6d5ef765a1d5717
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
3d3ca46840df12ab81bb06c7eb22e2c34d8f9e79e5a6696410163ee53d9d61b1
3d4c93561d210e788593a683e689ea777dc93133445ddf63d6f11b151160c37b
3ea38cfe8892707732a292575f0eae7610b434f092b2c6ca4708fdc744597e9e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eeff63befa89024fd225d959f41c303123766396e3d20184d911d809a00db39
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4046d583f53faa5443393c785f2e6cbe4363ec2068313471ccbf050d56ff2530
4233fc987b55311c5816116368270bfd908b6a668a6761234cdb83bace1eb5e1
427a942fe9dae76d895c99b5f7d5e6f4e7e58531d25b5e3000ed83d0f7ea1a04
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
42e0d9a1df7c1d7e8a1119423cb4d6018f9b82d0a00b4f7170f61ae05421953b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4477af99dfbc2673e5cada192721d3a529525889d33e953f0272ea2e470d02f0
449a988c779e714c11e0a3401fa1ca31fcfd1e49de104da8e38f55280c53ed43
452061c22c8900b9901d8c78db4d1f66cc20aceda0550e3e76cf11645b9ad155
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ab134bc1ea50c51d5cd492f8cc048ff541b1c1618bd920dcd039a8e2516945
49292d8ed6eedb5edb5ac7c79dc70e095f89040c7b572a46a2489ce880aa2f4c
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a39427cf154fd60d9830eb9e918987ce94c2ec47d36a2fd17d1fef0c15a7f98
4acf4136b03b7954122a580eae0f47a316d9c7100dfbd764ef23b4bcdbfce6f1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcc3e15dd7001a3a2d104aabe7513c975d5de6b56cdff1e34236aaebee053e0
4caaad71017eaa3bf2e379a4e518db0d5982d079b199c60f9059e782a1773076
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed5574dadbe3709842d2118b941d9caf67cebe2abe361ca8f00e44a5455952b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53b68d25fc4784f00a3daa7012ac706ae0c65291ff860f42230e4c4c969274c4
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b2785b9d5f1f17cb6dd00823c3e6c1a006b4adfdc0c0127703d2ce05979d59
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577983078a2d578d1c09ed92a60880fe74ae7f1e51acb5e4d0c3e4df8b313e5a
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
57f956a7c144c330c7fc8e78bc004689eb54e65461f4dd476114063bfa272d2d
5905fde036a5a7b3bc26d73a9c421c8796b0b02a85bf68c221d10f732b5b3474
5c95a14ebe2c302528bda7610170a7fdf4e3eaf88e494c8c927bc5574abfe34f
5cb7b465fad9db23031dbc0bae59fb539354079520c4de191704d700353c5843
5d036c6b6e38a627f8ce276de12a42075bef89a668c2e029bb8ca982680a63d6
5ff6993311cde91fc9b4a6445f8d5fdbc2ca354b0cc1b31e332c2517cd6d9d8d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
611c4f19a053ecd742cfae6acb0180efeef466f5fa3ff0dea928e960256f3d7e
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6425fa89c6564d8cea3c421b76e1dcd3b8e0be9e7ecc2a459cc8e1ec45853992
681ee895370949f77dd63a92386b9747f4409eac446165b937bd49d5ad4a18ca
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68f50c408598f3856dcda898100b22e244eee84aac580f66453d4ed14943776f
693c48f6c942ae7008488f4dc7b2fa75145b1e7bfa33cbaa04f997ba8c5ed973
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d03e9f1314b2a3c47820f388e478967fb548ba11ee1be1d518da34c8987a2e5
6e2dcc3fbb14878aa73b5ea682638e1905938be625e1fd75b5addb79a8fee091
6f12ca2c52ad3c1fa948cb52a860af55d9e1a40fdca6b42bbf1503631eb643f0
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
74a42ff4548bc4979579dbfa71c05883545ab9e446cb11eb70c225d86bb3b713
787702cb56b827ddb06f8441b9d8d2522f47ebda8b895de693165ce3dd1fecdc
78923385d4847d8659898c2ec97902b8ffbb0d1ad3522c19e59f1192a509649e
795abdfaa06e6be7754f7c580a10f5ac5ca69367f2d938cddedc2d3d1d8dba59
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
798adb8860b3dc412e2d789d153f1824e085eef370e05b7531e192a433c06cd4
79ea0fcaad1578acda495df0617d5b4f46de11c0b2dab44f6d20609935385e6c
7ad17a41b851f2c197df49fa916bac9e171a8c2f9d2a7c0d63630912b8f0ae0a
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7b581e99c06657342cedb97ca11f05ab223d0335ead3aae4497f782d1e6c078a
7b748cce237953136fb0e45af806e1d89388aee1c24d9f1ef89a732399a6c2e2
7cda85a280e188db156f410eff63fb211c8191389e0012a6350946dd1804b817
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ebe69396562fa734c5e4f88d98e700d57db7547d0515cffa49d8c618c6dec52
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8044ef044c627efdcb2b8abd8f94056b501ecd254d0cdd262bf1b5076a9f10da
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
84dd9744aa86f730a4ab26fc381f63b06f4307811addf56229eb26f2752b2ee9
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8774ae63d0972387fc36da77c82ca614381a602633af35c9a92ed3e67eeaea01
87ecd71b4f1d95b1919efeb8fe5877ce661393f757f7df7560a2af9727f42203
88812dad7efd4fa7d0b0fe1c56e5316423650137bd9c85edf3a945ae3e44dc54
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd21f4c9389629b19f7c43ca8bfada53dce68951431d788562c9c5af148971b
8dcd1d39023c2158247a90fd84a032772eb47de07bd58eea319fab32c8ce1fa8
8f352f8642d3a05d1b7f00c069700afcde001d78078301798bd3fcf6d342b8ed
8fe184cb6a5761c1b76354b18dc69130f1efc9e3fb47e9e35ee93703c8a8ed4e
8ff31cb138e97b77714e7b23a374568e46d3d9da78d4a643962183080e47b86a
91a0cd4a7f067c4bf11fc6887d01d96ac270a9012c5b559c8399f234ee443d22
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
934a2c110409796d1065c400609814230cb16f68f317bd5c7f930804c4236098
93911c14835c32c6c4a2a205ddf68a3db2b14d30b4efd4c65b946d5f38875626
94024b15f0a587f637a2303205ae361518e1965d6beb190c005e04307783bf19
97028af218975c9de3b856a41de324d945c61250dc01c70be4770581c896538a
971fbf8ca95da9dd174295352805ed105217fdddf9c52f293b2b379d878357f7
98a6b7b7fcf2607fc6a2686ed1bb9b7e93d8c9e25fd688e9f94005a0597a134d
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4f836087c3ab40bc0738da4152b1a37847d330e0c68a0a3fb5b6d12ad9d26e
9be599d6cefdb3787be094191b685a027f52e6bf4ef49d04a50310e7b023c0a6
9c8dabb1e4b0bf39f8cd74368919143ef4896ba85609211c19d97e0ec83e2b8c
9ca21b494fb1e69720637559a9be4bf0ed7e1434dfc9528aaee546ca5c86e90c
9ce137cea295438ce2c8dc8f14054444b29979f04f98c9c55ed2e43e44859233
9d78c0148361a3fcb690e899c0dd3885c79797359301f6829e98ae476b800460
9e4dab61ddf29e2b60cbfecd0ca9b4ac6ab1a58a92517129aa5edc637314b122
9fac92071eeb81d6c1e61ed50e2b4ce6e6841473f4afad1de21ad2f99fb99afb
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fb8c5de496384e3f1b3f6cdcd4451b6efbdee3fe31c68b49969744d58df1f3
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fd29aeff5c2151c3e4a2d0edc28885ffd0675a6d3a59e3ca229944e3490c0e
a6c748745997e83f17b90756869af2a20cf156acf538f1681a8f93a26edaa94c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a757361cd33437a1a35f988c3871efbcdc3c6a11aceb203365bf932c5424ace8
a8863b4ddae3068273f0f50864673aa21d36ddc13d43170cdf18038a7b20f06e
aad209f8b5d8c3f29811d9dba78c0b6490dddbb1976a8fe1f3e65ee27141d053
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b10af4b018ec9b73d565b6da1984427e2873d615a209c99bfae11d117fb925b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f05e413db43ac91cf1f2c2a4a1d2a86e2c48798ce95a6a8e3a042cf93601c8
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b513f20f35c4a08a1922a5476b764b7ef88ed1358fd082fb1dc609c0d901337e
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b738c765fb0f9e4b0a7ef81715666fa20540cb0f3bf9e40a08d06368348cf679
b7f27b89f7a51196dad504382c738ec556d5c451fd87555662899e0986e0a242
b8815c619566c4705e1da4ad5b9cf5363b1ddad9fd182d97d60575eee1868a13
b90d4a2515dc05572cf9c333aaf8621a2536d02a4a231128be173558224fdc95
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd7c14c120518c40e2d08171fe88510b8f219eb9ccac919ea0178bbf0e58121
bd539d224655cd1dacf2172ff13b4fdb8d258d305180fb4ea03f9c1886c4ae49
becc06bdb511ed6c14189120e5be2519c7923ff42bf30f9254f8fe6bbd16ff20
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1e9ba38efdd493316eb5275f06cc7e462835c667b26db4358d9b7fe3ac35a88
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3e2413eab4e700ddaff711c14bf15ad5615daa34aebcf16c99a6096b95a4ede
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9
c606ce33a4fba3a5fb33245f20978b63a487aca5a39bfe6d187b7e410fdb87e2
c71ec811b654fde5ab4be70f80aee7459fb2187c3e9a96bab32084151d00c75e
c742c7d5e9fb6770c470a0cd751986f27f0a6f7ef7366abbedcaed0b570ba75f
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c8bbd369ccba4dbba79e6b2c836c2f059d5a66544a2cba95a67a113141219d9b
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cefd30fa0e03af0cb10b2d14b177c673b7d186f32a8653c92f603a536d152b8d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5ae42b62b57bd4a50cb838819b2683f97941d1ff860491cb0034197999565e
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365
d7b4963a8501a0a36adb82b5be584dac7f0867121fc1479c0c31abc6ed8da219
d8cdac2115689218d01716b087218009c31a6f833ba74709f3844a9f92234db6
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d97f3efe68f835117863e4d76fec93f4309fd3c9070b3eee59400d7f145517d2
de8fae08c5501b21d8d32a480e1b209c10a2def05cbf65db773d3af28c65a32c
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dec9eedff4ebf71efade6389e80183458c943f9fb293a5f34058cb7abded9c25
e06844a840084101cffc8d6e89d2736f3c0920f8fdd7999b10aeb92539374b58
e22a0f3f0c63f4f9e2be0b362a40706b6504d08e370a2769b8293ddbb203b3dc
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e26142148dc2365533532cc901d730ee02f79bfffb9da86b20873911281c180f
e353e00f197bf62d89362ebb53464f92a2e2ba7382ae0e0cc04d986128725385
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e46c422d4a03b593c47b53069c195b002ab0a268332459806acca1722a726960
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e76f2c32ecd923b05ca6b92d18ebdd280a0d761c2dd5a386d327ba747c5b4ba1
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
eb8687e450cc1ed7e7b35a9139b242584e74372d14ab3a74efc8adce11425cf6
ebef1aa36471bb515492ad247f0409c576cb55823ede5557483a5e29e67c4e30
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f13d870ac86bef971aca986461d25163d26319d4ff2d1f69b99dd3a27aaddfbf
f33f1cc92dc64313fbe3b07d496cc9b8723b604ff7dda0d006762311ca10d0a5
f4a34f7908a57b7feaed671d426c88560cb4cbf90dd92c132b241e22ac3454d2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bf6d1af4e1926e10a1f8b61a1d0a658a48e7ffe323b13ef50d57438e6f24b7
f7e300a811bd31edf89f6ec0d50c0073cfa1939ce1203a69e8270d85efc2c390
f956cadd21ce23cdc94a772e002a9de129b826e7540ac0d58d29729279e9b50b
f97576351069948f822f3482faec8a35d142c159d25a306a88f21e18caf61333
f9de1c59e2a76d260d705eeae08619d081c6d54d6fe3472ff24f8db710ab9105
fa7ff52fc5d97b31c4b2859268baa04364d859e17fe24a3e4b58ba865840e6c7
fdefa5142e49ebc7e268381783d12023a9dba6d7738a8751d1b2421fb5951f9d