tenderchicksfx.com Open in urlscan Pro
2606:4700:3031::6815:1997  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://loveme.uno/stormy HTTP 301
   https://loveme.uno/stormy HTTP 301
   https://loveme.uno/stormy/ Page URL
   
2. https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://loveme.uno/stormy HTTP 301
• https://loveme.uno/stormy HTTP 301
• https://loveme.uno/stormy/

Request Chain 21

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/ttd?uid=708c8f92-7272-4d9c-a7fd-5b8632bba254&gdpr=0&gdpr_consent=

Request Chain 22

• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://sync.sharethis.com/nlsn?uid=e16d0e855f32f2476b82edd630d6968b

Request Chain 23

• https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIABWH8RxsAAAAJRfCAAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
• https://idsync.rlcdn.com/395886.gif?partner_uid=3624887121573052472 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNDg4NzEyMTU3MzA1MjQ3MhAAGg0Im47xjwYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=4a0566a8741f265751ebcac9dbfd19fe463833180ec0824065b6f33eadef8a56f4cb09cee1a4f8eb&person_id=3624887121573052472&eid=50082

Request Chain 24

• https://tags.bluekai.com/site/59574?id=ZGIABWH8RxsAAAAJRfCAAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
• https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 29

• https://pixel.onaudience.com/?partner=137085098&mapped=51A0164392322743E68B6965402779B0 HTTP 302
• https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
• https://tags.bluekai.com/site/33141?&id=cbe2de575bc1c493

Request Chain 31

• https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&cb=1643923227265.1&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D HTTP 302
• https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1

Request Chain 32

• https://map.go.affec.tv/map/3a/?pid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&ts=1643923227265.2 HTTP 303
• https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61fc471bd6bfb400012c690c%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D61fc471bd6bfb400012c690c%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D HTTP 302
• https://map.go.affec.tv/map/an/4568131758548027872?ch=61fc471bd6bfb400012c690c&chc=tt&floc=&redirect_url=

Request Chain 33

• https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=65c00617-6494-4c7e-8660-daf141147a6b%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=708c8f92-7272-4d9c-a7fd-5b8632bba254&ttd_puid=65c00617-6494-4c7e-8660-daf141147a6b%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
• https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 34

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&33random=1643923227265.4&cat=33across HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&33random=1643923227265.4&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnAwWlBtcFAyUTRMMFdCV29PdDJabmlCMU1MTXNyT25rRGFEaHlCdGFfNGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnAwWlBtcFAyUTRMMFdCV29PdDJabmlCMU1MTXNyT25rRGFEaHlCdGFfNGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJ76KDm3oOUJA-AqrrDmZb4&google_cver=1

Request Chain 35

• https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=&zcluid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&ziid=1643923227265.5 HTTP 302
• https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-71a1f5f7a574&us_privacy=&zcluid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&zdid=239&ziid=1643923227265.5&zpb=wu%21&zpbcat= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26ctry%3DCA%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dae48a45c-39da-47b7-7355-9ee4e73205df%26reqId%3D6d08da54-87b6-4fd6-5544-71a1f5f7a574%26us_privacy%3D%26zcluid%3DCoIKTGH8RxtKI9rsBhJZAg%253D%253D%26zdid%3D239%26ziid%3D1643923227265.5%26zpb%3Dwu%2521%26zpbcat%3D HTTP 302
• https://mwzeom.zeotap.com/mw?adnxs_uid=7965239731719966469&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-71a1f5f7a574&us_privacy=&zcluid=CoIKTGH8RxtKI9rsBhJZAg==&zdid=239&ziid=1643923227265.5&zpb=wu!&zpbcat=

Request Chain 36

• https://dp2.33across.com/ps/?pid=1205&random=1643923227265.6 HTTP 302
• https://idsync.rlcdn.com/405716.gif?partner_uid=211552130040684

Request Chain 37

• https://dp1.33across.com/ps/?pid=669&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.7 HTTP 302
• https://secure.adnxs.com/mapuid?t=2&member=1001&user=117494521558030&seg_code=33x&random=1643923227 HTTP 307
• https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117494521558030%26seg_code%3D33x%26random%3D1643923227

Request Chain 43

• https://um.simpli.fi/lj_match?r=83722 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=C8E1C0A8514742869C425AD63B21AB8E

Request Chain 44

• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 HTTP 303
• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043&_li_chk=true&previous_uuid=9231337a78fa47acb7a0680108dddd36 HTTP 303
• https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 45

• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 HTTP 303
• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043&_li_chk=true&previous_uuid=de611e208f5548a69649cec57c7871c4 HTTP 303
• https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043

Request Chain 46

• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=8cbe88fefe5a832b2c5ff043&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=67359 HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=8cbe88fefe5a832b2c5ff043&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=67359&_expected_cookie=77dc98b02fe32bb1236819ccd6835946 HTTP 302
• https://ce.lijit.com/merge?pid=5014&3pid=77dc98b02fe32bb1236819ccd6835946

Request Chain 55

• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID&rdf=1 HTTP 302
• https://sync.crwdcntrl.net/map/c=240/tp=PUBM/tpid=7EC7B419-C7A3-4B1E-B5C4-3DEAE31ACCCF

Request Chain 56

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
• https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=708c8f92-7272-4d9c-a7fd-5b8632bba254/gdpr=0/gdpr_consent=

Request Chain 58

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=4cf6db6f370aa3ba7909006577e33a77&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D65c00617-6494-4c7e-8660-daf141147a6b%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D65c00617-6494-4c7e-8660-daf141147a6b HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6250854833990502849&pt=65c00617-6494-4c7e-8660-daf141147a6b%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D65c00617-6494-4c7e-8660-daf141147a6b HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=65c00617-6494-4c7e-8660-daf141147a6b

Request Chain 59

• https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
• https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D

Request Chain 60

• https://px.surveywall-api.survata.com/t HTTP 302
• https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=1ecdf1e5-e05e-6e42-68a9-c966d0257581

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response loveme.uno/stormy/ Redirect Chain http://loveme.uno/stormy https://loveme.uno/stormy https://loveme.uno/stormy/	6 KB 2 KB	79ms 78ms	Document text/html	2606:4700:3033::ac43:99f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loveme.uno/stormy/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:99f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.27 Resource Hash 83bd4491f3cf7ccaf6472aa3d83418e4cb18af6b10c2851bc5d4e501b871cb77 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Thu, 03 Feb 2022 21:20:26 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.27 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7vaMvm%2BjFAK6w8ZEsKyUso%2BQT7xTbxlaKko9ICZI0nCqoyvy%2FRFAv7h68uN4ZRJadKMkAWBpAKkYHrp22CTeXEf%2BKXHlnvsgUVadxIvQOM%2Fg1%2FL74p1I09dhHOFqsLZDNsSrS%2BrLM4e"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d7eb405ab1d713f-YUL content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Thu, 03 Feb 2022 21:20:26 GMT content-type text/html location https://loveme.uno/stormy/ x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL9BhwF5sSaS2H0FmIc1tWS2RTXHBTtseSygxgW6E%2B6%2BxokJ9NuODH6RpOowuzoefoTE5D2ytHbuXCPiTRrYKlp64VaK%2BjCTWSdtkEwSD5Xyv%2BNvgCelU%2F8d9j9mUeV9JapP%2BfErpeKW"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d7eb404ea33713f-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	664 B 858 B	82ms 33ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 03 Feb 2022 19:24:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 03 Feb 2022 21:20:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 03 Feb 2022 21:20:26 GMT
GET H2	200	love.gif fuckboox.xyz/	150 KB 151 KB	89ms 25ms	Image image/gif	2606:4700:3034::ac43:853c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fuckboox.xyz/love.gif Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:853c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e02626e6136c11d2ddb9b4a4cf94faa7853f7c6f3ed644ff9bcfae6f4912666 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 187895 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 153467 last-modified Tue, 11 Jan 2022 13:45:21 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1k9ijlO6OeYcpWzJdQKlNegrSVEW1Qdien3sBNOlaTMWLL9hASp54Ej9KP8sOFvXgqluITmNj214%2FQOT6soohqKZtCG9mbnh6gkUcKPvNK5aocmnZ8qRg08sUuml2TooEeKA9fZ1ai7mf8%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6d7eb406be694bb8-YUL expires Tue, 08 Feb 2022 17:08:51 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	73ms 9ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:19:13 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.122.0/26 etag "-375139978" x-cacheable Matched cache content-type application/javascript; charset=UTF-8 x-cdn-pop bhs accept-ranges bytes content-length 4364 x-request-id 337248723
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v22/	23 KB 24 KB	77ms 19ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://loveme.uno Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 19:30:02 GMT x-content-type-options nosniff age 93024 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:03 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 02 Feb 2023 19:30:02 GMT
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	376 B 511 B	35ms 10ms	Script text/html	192.99.0.58 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4616270&@f16&@g1&@h1&@i1&@j1643923226773&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-119351011&@b3:1643923227&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Floveme.uno%2Fstormy%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.0.58 , Canada, ASN16276 (OVH, FR), Reverse DNS ns500326.ip-192-99-0.net Software / Resource Hash 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:26 GMT Connection close Content-Length 376 Content-Type text/html;charset=UTF-8
GET H/1.1	200 OK	/ Show response e.dtscout.com/e/	9 KB 10 KB	400ms 193ms	Script application/javascript	51.89.24.69 OVH
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4616270&@f16&@g1&@h1&@i1&@j1643923226773&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-119351011&@b3:1643923227&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Floveme.uno%2Fstormy%2F&@w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip69.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash a4b852c9458d981039be2df03789b146301fae514ed003ab447ae60d207e7d83 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT X-T 0.477 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S ger1 Expires Thu, 03 Feb 2022 21:20:26 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 7A7C	1 KB 750 B	304ms 98ms	Document text/html	51.89.24.70 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=51A0164392322743E68B6965402779B0 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip70.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash 9b2437f474803701726c83660e83f6e434926cfa7eee247609b0f4222df8f23a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers Server nginx/1.14.0 (Ubuntu) Date Thu, 03 Feb 2022 21:20:27 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Thu, 03 Feb 2022 21:20:26 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	79ms 18ms	Script text/javascript	13.225.63.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-125.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY content-encoding gzip last-modified Thu, 03 Jun 2021 13:27:46 GMT server AmazonS3 age 42818 etag W/"a1c6ef0f57fd5dc66dd46feb78238adf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront) cache-control max-age=86400 date Thu, 03 Feb 2022 09:26:50 GMT x-amz-cf-pop EWR53-C1 x-amz-cf-id c89wPuCJRt76WJnr3x0j74j_kaoYNkS276LZZWgLSSrsSRNavKtVeQ==
GET H/1.1	200 OK	dtscout Show response pd.sharethis.com/pd/	2 KB 3 KB	142ms 34ms	Script application/javascript	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash f9bcc76113f657b1619e7497de5cf98aa3821fe5c81e501348c9e3d2cbb987c0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 2273 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type application/javascript
GET H2	200	afwu.js Show response cdn.tynt.com/	10 KB 4 KB	113ms 53ms	Script application/javascript	104.18.29.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/afwu.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:45 GMT server cloudflare age 87607 etag W/"61295205-288b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6d7eb40a9f8953e9-YYZ expires Sun, 06 Feb 2022 21:20:27 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 317 B	313ms 106ms	Script application/javascript	51.89.24.70 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=loveme.uno&_ss=8xnahh48sb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=htrf&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip70.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash b97e21df7b975d57f94853e3e1cf3b085ccec2ca41a41f3543181e4682ec24af Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT X-T 3.99 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Thu, 03 Feb 2022 21:20:26 GMT
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 949 B	88ms 28ms	Fetch application/json	99.84.125.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.125.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-125-13.ewr52.r.cloudfront.net Software / Resource Hash 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 17:37:35 GMT via 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 6b3d2643c74a20e5b5a8b8be0da4fbfa.cloudfront.net (CloudFront) age 13372 x-amzn-requestid 73dd6eb6-aa0b-4d26-b981-fe3a7ed7fc00 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop IAD89-C3, EWR52-C3 x-amz-apigw-id M-fi6GHKiYcFZ8g= content-length 535 x-amz-cf-id ldib-iQjpZvW9jXYAK4PO1V_1xq2qYBOJBK2t7JXKHbCR15tQSJ41g==
GET H2	200	p ic.tynt.com/b/	35 B 523 B	102ms 30ms	Image image/gif	67.202.105.33 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1643923227346&dn=AFWU&iso=0&t=loveme.uno Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.33 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip33.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT last-modified Fri, 16 Apr 2010 15:38:20 GMT server nginx/1.16.1 etag "4bc8846c-23" p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" accept-ranges bytes content-type image/gif content-length 35 expires "Sat, 26 Jul 1997 05:00:00 GMT"
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/d/	2 KB 2 KB	80ms 20ms	Script application/javascript	104.67.5.55 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.04365595260396837&stid=ZGIABWH8RxsAAAAJRfCAAw%3D%3D Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/dtscout Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-5-55.deploy.static.akamaitechnologies.com Software / Resource Hash 64d3832222c936750005970f112564a866205618c4ee2add45d7e3002f5e86ea Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type application/javascript Cache-Control private, max-age=3600 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1364 Expires Thu, 03 Feb 2022 22:20:27 GMT
GET H/1.1	200 OK	dtscout pd.sharethis.com/pd/	42 B 265 B	34ms 34ms	Image image/gif	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Floveme.uno%2Fstormy%2F&event_source=dtscout&rnd=0.04365595260396837&exptid=ZGIABWH8RxsAAAAJRfCAAw%3D%3D&fcmp=false Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 42 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type image/gif
GET H/1.1	200 OK	t_.htm Show response t.sharethis.com/a/ Frame 8406	2 KB 1 KB	20ms 19ms	Document text/html	104.67.5.55 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.838.22866&cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.04365595260396837&stid=ZGIABWH8RxsAAAAJRfCAAw%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-5-55.deploy.static.akamaitechnologies.com Software / Resource Hash ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers Content-Length 1160 Cache-Control max-age=604800 Expires Thu, 10 Feb 2022 21:20:27 GMT Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Encoding gzip Content-Type text/html X-Robots-Tag noindex, nofollow
GET H2	200	v2 Show response de.tynt.com/deb/	1 KB 2 KB	108ms 34ms	Script application/javascript	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afwu.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software / Resource Hash 116864022ff168aa5eaa1ece59bd79266a11272956a475c41420700a78954c4d Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 1501 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	t_.js Show response t.sharethis.com/1.838.22866/a/CA/ Frame ADC4	20 KB 9 KB	21ms 21ms	Script text/javascript	104.67.5.55 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1.838.22866/a/CA/t_.js?cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.838.22866&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-67-5-55.deploy.static.akamaitechnologies.com Software / Resource Hash 72c3a3adcbf4ffb03b0844cb8995379c6d74913c0794ae493a586c7aac2ec779 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.838.22866&cid=c010&cls=C User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Encoding gzip Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type text/javascript Cache-Control max-age=604800 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 8769 Expires Thu, 10 Feb 2022 21:20:27 GMT
GET H2	200	EU Show response onetag-geo-grouping.s-onetag.com/regionalbloc/	1 KB 833 B	91ms 23ms	Fetch application/json	13.33.46.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-28.ewr52.r.cloudfront.net Software restify / Resource Hash 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 03:48:21 GMT content-encoding gzip server restify age 63126 vary Accept-Encoding,origin x-cache Hit from cloudfront content-type application/json access-control-allow-origin https://loveme.uno access-control-expose-headers api-version, content-length, content-md5, content-type, date, request-id, response-time cache-control max-age=86400 x-amz-cf-pop EWR52-C1 x-amz-cf-id jvIqvSNNVxFJOZljHrdwqUm2BzgzUipIheneGaVJ82ePTlS2oUCeng== via 1.1 29206f4909cacc031d06a0daf330fb6a.cloudfront.net (CloudFront)
GET H/1.1	200 OK	test_oracle Show response pd.sharethis.com/pd/ Frame 4D54	438 B 675 B	34ms 34ms	Script application/javascript	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/test_oracle Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.838.22866&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash 0bac2d7db5b700aaed4547d13c3e35042fc1fbc251efb2d84af998ee977d8602 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 438 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type application/javascript
GET H/1.1	200 OK	ttd sync.sharethis.com/ Frame ADC4 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://sync.sharethis.com/ttd?uid=708c8f92-7272-4d9c-a7fd-5b8632bba254&gdpr=0&gdpr_consent=	42 B 297 B	152ms 35ms	Image image/gif	3.15.117.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/ttd?uid=708c8f92-7272-4d9c-a7fd-5b8632bba254&gdpr=0&gdpr_consent= Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-117-250.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Thu, 03 Feb 2022 21:20:27 GMT Content-Length 42 Stid ZGIABWH8RxsAAAAJRfCAAw== Content-Type image/gif Redirect headers pragma no-cache date Thu, 03 Feb 2022 21:20:27 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.sharethis.com/ttd?uid=708c8f92-7272-4d9c-a7fd-5b8632bba254&gdpr=0&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 215
GET H/1.1	200 OK	nlsn sync.sharethis.com/ Frame ADC4 Redirect Chain https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://sync.sharethis.com/nlsn?uid=e16d0e855f32f2476b82edd630d6968b	42 B 297 B	177ms 34ms	Image image/gif	3.15.117.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/nlsn?uid=e16d0e855f32f2476b82edd630d6968b Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-117-250.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Thu, 03 Feb 2022 21:20:27 GMT Content-Length 42 Stid ZGIABWH8RxsAAAAJRfCAAw== Content-Type image/gif Redirect headers date Thu, 03 Feb 2022 21:20:27 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sync.sharethis.com/nlsn?uid=e16d0e855f32f2476b82edd630d6968b cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H/1.1	200 OK	csync.ashx ml314.com/ Frame ADC4 Redirect Chain https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIABWH8RxsAAAAJRfCAAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D https://idsync.rlcdn.com/395886.gif?partner_uid=3624887121573052472 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNDg4NzEyMTU3MzA1MjQ3MhAAGg0Im47xjwYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=4a0566a8741f265751ebcac9dbfd19fe463833180ec0824065b6f33eadef8a56f4cb09cee1a4f8eb&person_id=3624887121573052472&eid=50082	43 B 312 B	25ms 24ms	Image image/gif	34.233.103.61 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=4a0566a8741f265751ebcac9dbfd19fe463833180ec0824065b6f33eadef8a56f4cb09cee1a4f8eb&person_id=3624887121573052472&eid=50082 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-103-61.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Fri, 04 Feb 2022 16:20:27 GMT Redirect headers date Thu, 03 Feb 2022 21:20:27 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=4a0566a8741f265751ebcac9dbfd19fe463833180ec0824065b6f33eadef8a56f4cb09cee1a4f8eb&person_id=3624887121573052472&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	oracle sync.sharethis.com/ Frame ADC4 Redirect Chain https://tags.bluekai.com/site/59574?id=ZGIABWH8RxsAAAAJRfCAAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957	42 B 297 B	173ms 35ms	Image image/gif	3.15.117.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-15-117-250.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Thu, 03 Feb 2022 21:20:27 GMT Content-Length 42 Stid ZGIABWH8RxsAAAAJRfCAAw== Content-Type image/gif Redirect headers Location https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	43 KB 14 KB	74ms 19ms	Script text/javascript	99.84.42.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-126.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 03 Feb 2022 02:10:34 GMT content-encoding gzip last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 age 68994 etag W/"e8e52baa0cf6ccb764f317323674bacd" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop EWR52-C4 x-amz-cf-id iPoOXMF93Rc1OVFRm9SaETGP3wJ_onDQoGQs7H7rJmBkuR16JtIK7w==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	88ms 20ms	Script application/javascript	159.203.161.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=51A0164392322743E68B6965402779B0&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Floveme.uno%2Fstormy%2F&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS lb4.ny1.dtscdn.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 20:07:56 GMT X-T 0.84 x-server web14.ny1.dtscdn.com Cache-Control no-cache Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Expires Thu, 03 Feb 2022 20:07:55 GMT
GET H2	200	e Show response a.dtssrv.com/	21 B 666 B	106ms 52ms	XHR application/json	2606:4700:3030::6815:4e62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/e?i=51A0164392322743E68B6965402779B0 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4e62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d166617d0f8d23a410e652cbc7e4cefa6080e0753b16ddad9a2921b66041f10 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TSMuEh9%2B2ZxWfrp5k4ZOu13qh5PQwd3a29QfpL3tO4Ls1VOvVdzTVOmjYDIpHKV9qezQF6QYyxeoSiAQEBkf1PKoRfQ22TvcwFD9gMjX0p33DhztPeT4%2Fq075mqyBTxakuUnfCVwM%2FEfJc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://loveme.uno cache-control s-maxage=0 access-control-allow-credentials true cf-ray 6d7eb40cca9e4bd0-YUL expires Thu, 03 Feb 2022 23:20:27 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 425 B	122ms 85ms	Image image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=51A0164392322743E68B6965402779B0&ret=html&phint=__bk_l%3Dhttps%3A%2F%2Floveme.uno%2Fstormy%2F&r=51744975 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 62 BK-Server 448e Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H/1.1	200 OK	33141 tags.bluekai.com/site/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=51A0164392322743E68B6965402779B0 https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m https://tags.bluekai.com/site/33141?&id=cbe2de575bc1c493	62 B 583 B	245ms 210ms	Image image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/33141?&id=cbe2de575bc1c493 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif Redirect headers location https://tags.bluekai.com/site/33141?&id=cbe2de575bc1c493 content-length 0
GET H/1.1	200 OK	bk-coretag.js Show response tags.bkrtx.com/js/ Frame 4D54	51 KB 16 KB	216ms 43ms	Script application/javascript	23.59.109.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.bkrtx.com/js/bk-coretag.js Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/test_oracle Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.59.109.174 Atlanta, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-59-109-174.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Last-Modified Fri, 21 May 2021 19:14:21 GMT Server nginx/1.15.8 ETag W/"60a8068d-cbc2" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive Content-Length 16078 Expires Thu, 10 Feb 2022 21:20:27 GMT
GET H/1.1	204 No Content	merge ce.lijit.com/ Redirect Chain https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&cb=1643923227265.1&gdpr_consent= https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1	0 433 B	23ms 23ms	Image text/plain	23.92.190.69 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=8093&3pid=f05789e6-a817-48af-b43b-388ea7997623&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	204	4568131758548027872 map.go.affec.tv/map/an/ Redirect Chain https://map.go.affec.tv/map/3a/?pid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&ts=1643923227265.2 https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61fc471bd6bfb400012c690c%26chc%3Dtt%26floc%3D%26redirect_url%3D https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D61fc471bd6bfb400012c690c%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D https://map.go.affec.tv/map/an/4568131758548027872?ch=61fc471bd6bfb400012c690c&chc=tt&floc=&redirect_url=	0 627 B	84ms 84ms	Image text/plain	13.225.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://map.go.affec.tv/map/an/4568131758548027872?ch=61fc471bd6bfb400012c690c&chc=tt&floc=&redirect_url= Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Server 13.225.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-43.ewr50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT via 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 content-encoding gzip x-amz-cf-id ZL8htXaEd8hU8igXwrp61Z_bll3ltzenGCXl6TsVJzHKRq23PbaDOA== vary Accept-Encoding x-cache Miss from cloudfront Redirect headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 83c74e2c-8bad-4a4a-a2db-5c67f9e97685 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://map.go.affec.tv/map/an/4568131758548027872?ch=61fc471bd6bfb400012c690c&chc=tt&floc=&redirect_url= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=65c00617-6494-4c7e-8660-daf141147a6b%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=... https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=708c8f92-7272-4d9c-a7fd-5b8632bba254&ttd_puid=65c00617-6494-4c7e-8660-daf141147a6b%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu... https://usermatch.krxd.net/um/v2?partner=tapad https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad	0 338 B	73ms 23ms	Image text/plain	44.196.16.107 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Server 44.196.16.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-16-107.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT cache-control private, no-cache, no-store x-request-time D=40 t=1643923227 x-served-by beacon-n039-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad date Thu, 03 Feb 2022 21:20:27 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a001-ash-prod.krxd.net
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&33random=1643923227265.4&cat=33across https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&33random=1643923227265.4&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnAwWlBtcFAyUTRMMFdCV29PdDJabmlCMU1MTXNyT25rRGFEaHlCdGFfNGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnAwWlBtcFAyUTRMMFdCV29PdDJabmlCMU1MTXNyT25rRGFEaHlCdGFfNGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJ76KDm3oOUJA-AqrrDmZb4&google_cver=1	70 B 440 B	38ms 38ms	Image image/gif	54.156.26.12 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJ76KDm3oOUJA-AqrrDmZb4&google_cver=1 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-156-26-12.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Thu, 03 Feb 2022 21:20:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJ76KDm3oOUJA-AqrrDmZb4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 375 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	mw mwzeom.zeotap.com/ Redirect Chain https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=&zcluid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&ziid=1643923227265.5 https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26ctry%3DCA%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dae48a45c-39da-47b7-73... https://mwzeom.zeotap.com/mw?adnxs_uid=7965239731719966469&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-71a1f5f7a574&...	95 B 178 B	75ms 64ms	Image image/png	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?adnxs_uid=7965239731719966469&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-71a1f5f7a574&us_privacy=&zcluid=CoIKTGH8RxtKI9rsBhJZAg==&zdid=239&ziid=1643923227265.5&zpb=wu!&zpbcat= Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H2 Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:27 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://loveme.uno access-control-allow-credentials true cf-ray 6d7eb40e2f70ca6f-YUL access-control-allow-headers * content-length 95 Redirect headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 803.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid e4d82850-341a-440b-8061-85a1901e318b Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://mwzeom.zeotap.com/mw?adnxs_uid=7965239731719966469&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=ae48a45c-39da-47b7-7355-9ee4e73205df&reqId=6d08da54-87b6-4fd6-5544-71a1f5f7a574&us_privacy=&zcluid=CoIKTGH8RxtKI9rsBhJZAg==&zdid=239&ziid=1643923227265.5&zpb=wu!&zpbcat= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	405716.gif idsync.rlcdn.com/ Redirect Chain https://dp2.33across.com/ps/?pid=1205&random=1643923227265.6 https://idsync.rlcdn.com/405716.gif?partner_uid=211552130040684	42 B 60 B	54ms 41ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/405716.gif?partner_uid=211552130040684 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol H3 Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Thu, 03 Feb 2022 21:20:27 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers pragma no-cache date Thu, 03 Feb 2022 21:20:27 GMT referrer-policy unsafe-url server 33XP001 x-33x-status 4000000000004000C p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" location https://idsync.rlcdn.com/405716.gif?partner_uid=211552130040684 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 01-Jan-70 00:00:01 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://dp1.33across.com/ps/?pid=669&uid=CoIKTGH8RxtKI9rsBhJZAg%3D%3D&us_privacy=&random=1643923227265.7 https://secure.adnxs.com/mapuid?t=2&member=1001&user=117494521558030&seg_code=33x&random=1643923227 https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117494521558030%26seg_code%3D33x%26random%3D1643923227	43 B 1023 B	91ms 91ms	Image image/gif	68.67.160.75 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117494521558030%26seg_code%3D33x%26random%3D1643923227 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/stormy/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 6bb51c50-57ec-411f-8f95-69460369381f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:27 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 56854ad1-d007-4164-8210-b1c820107a2c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117494521558030%26seg_code%3D33x%26random%3D1643923227 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	6 KB 2 KB	107ms 17ms	Script text/javascript	13.33.46.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-91.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr content-encoding gzip last-modified Wed, 07 Jul 2021 16:31:37 GMT server AmazonS3 age 3106 etag W/"5ff42869b876a4eddafd981cab0b8818" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront) cache-control max-age=3600 date Thu, 03 Feb 2022 20:28:42 GMT x-amz-cf-pop EWR52-C1 x-amz-cf-id 0xStN0657wdMltjJgeiMGEzJvQSCVq3uUzb0g4_KH65lX7-s1gWMVQ==
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/	41 B 458 B	65ms 20ms	Fetch application/json	63.251.114.136 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2 Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 63.251.114.136 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software / Resource Hash c0f704524fa7afe15ae596de937970a87af85b23ed8f3579b7a7c35d7fbb2a76 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap5ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/	41 B 458 B	59ms 18ms	Fetch application/json	63.251.114.136 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2 Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 63.251.114.136 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software / Resource Hash c0f704524fa7afe15ae596de937970a87af85b23ed8f3579b7a7c35d7fbb2a76 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap5ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/	41 B 458 B	61ms 21ms	Fetch application/json	63.251.114.136 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2 Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 63.251.114.136 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software / Resource Hash c0f704524fa7afe15ae596de937970a87af85b23ed8f3579b7a7c35d7fbb2a76 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:27 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap5ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61
GET H/1.1	200 OK	59574 Show response stags.bluekai.com/site/ Frame EF1F	73 B 774 B	134ms 83ms	Document text/html	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGIABWH8RxsAAAAJRfCAAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.838.22866%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=91936674 Requested by Host: tags.bkrtx.com URL: https://tags.bkrtx.com/js/bk-coretag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0be6916731a201c80f67f69252819473e0909e287df3ee18087cd3300be2965a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ Response headers Content-Type text/html Content-Length 73 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match?r=83722 https://ce.lijit.com/merge?pid=2&3pid=C8E1C0A8514742869C425AD63B21AB8E	43 B 670 B	20ms 19ms	Image image/gif	23.92.190.69 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=C8E1C0A8514742869C425AD63B21AB8E Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:28 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Thu, 03 Feb 2022 21:20:27 GMT x-content-type-options nosniff server nginx location https://ce.lijit.com/merge?pid=2&3pid=C8E1C0A8514742869C425AD63B21AB8E strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Wed, 02 Feb 2022 21:20:27 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043&_li_chk=true&previous_uuid=9231337a78fa47acb7a0680108dddd36 https://x.bidswitch.net/sync?dsp_id=42&user_id= https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=	43 B 510 B	37ms 37ms	Image image/gif	35.211.178.172 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 172.178.211.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:28 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Date Thu, 03 Feb 2022 21:20:28 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H/1.1	200 OK	59074 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043&_li_chk=true&previous_uuid=de611e208f5548a69649cec57c7871c4 https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043	43 B 419 B	97ms 24ms	Image image/gif	2600:1f18:444a:4602:b51a:2bef:14:5241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 03 Feb 2022 21:20:28 GMT Cache-Control no-store Connection keep-alive Content-Length 43 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/gif Redirect headers Location https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=8cbe88fefe5a832b2c5ff043 Date Thu, 03 Feb 2022 21:20:27 GMT Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=31536000; includeSubDomains
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=8cbe88fefe5a832b2c5ff043&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=8cbe88fefe5a832b2c5ff043&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://ce.lijit.com/merge?pid=5014&3pid=77dc98b02fe32bb1236819ccd6835946	43 B 673 B	35ms 19ms	Image image/gif	23.92.190.69 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5014&3pid=77dc98b02fe32bb1236819ccd6835946 Requested by Host: loveme.uno URL: https://loveme.uno/stormy/ Protocol HTTP/1.1 Server 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:28 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Thu, 03 Feb 2022 21:20:28 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP='NON DSP COR CONi OUR BUS CNT' location https://ce.lijit.com/merge?pid=5014&3pid=77dc98b02fe32bb1236819ccd6835946 cf-ray 6d7eb40ece92ca94-YYZ content-length 0
GET H2	204	ProfilesEngineServlet api.intentiq.com/profiles_engine/ Frame 0B00	0 0	103ms 28ms	Document text/plain	13.226.31.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=43765 Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.31.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-31-79.ewr53.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers date Thu, 03 Feb 2022 21:20:27 GMT server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" x-cache Miss from cloudfront via 1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-C2 x-amz-cf-id 5VKlhVLmM-QWRBQfhUJ4A9h6OTeZru44uHEDlqyQe0_PS6yOKvtzzA==
GET H2	200	optimus_rules.json tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	70ms 32ms	XHR application/json	99.84.42.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-126.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 03 Feb 2022 21:16:36 GMT content-encoding gzip age 233 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 etag W/"6db43f44304c37d76768275ee4f01ba4" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json via 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop EWR52-C4 x-amz-cf-id N-L_PoNG4COiNzhQGa3N4vHiEKVRQIDuyqwD-y_Zg3NppUPVCfjyQQ==
POST H/1.1	200 OK	/ t.dtscout.com/pv/	0 262 B	318ms 108ms	Ping application/javascript	51.89.24.70 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/ Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip70.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryCZCI384QVGAhcWyR Response headers Date Thu, 03 Feb 2022 21:20:28 GMT X-T 0.091 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Thu, 03 Feb 2022 21:20:27 GMT
POST H2	200	metrics connect-metrics-collector.s-onetag.com/	0 73 B	135ms 34ms	Ping text/plain	99.83.181.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connect-metrics-collector.s-onetag.com/metrics Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.181.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0cb5afe0ce76779e.awsglobalaccelerator.com Software / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 03 Feb 2022 21:20:28 GMT content-length 0 vary Origin
GET H2	200	Primary Request / Show response tenderchicksfx.com/	11 KB 5 KB	533ms 405ms	Document text/html	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e538d482ed6d7bc77cf86eca2303b30f17b06b128a975849c05e57c10be1e6f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cache-control max-age=0, private, must-revalidate cross-origin-window-policy deny x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElQVYShoAYUZ%2FwhJwgn04NFapTSVt%2FmXcrPfNV92QtLmRbzjwfcbiWbo5nqXOPBc8VTcdi%2FBw18IvYGtedhSN39CYSf2vEJ2%2BJ1dHSuvbwvZ7NuEYX1uZdkPUHvJ6e5054uDeUN6RJ2lTJSNGWTwP%2Bk%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d7eb410ef7b4bca-YUL content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	data bcp.crwdcntrl.net/6/	614 B 1 KB	168ms 107ms	XHR application/json	18.206.84.102 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-206-84-102.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://loveme.uno cache-control no-cache x-server 10.40.41.51 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 614 expires 0
POST H3	200	a a.dtssrv.com/	0 540 B	211ms 117ms	Ping text/html	2606:4700:3030::6815:4e62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/a?i=51A0164392322743E68B6965402779B0&k=lotpano&v=b0b087456e9fa372ee7a2dace17816d53938ce9f5500dc25072fd85c15b45b8e Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2Fstormy%2F&j= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4e62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BA83LY0%2FTITRivncMymNMZjkH9ABKd5a2IGByz2jR6uX613tqXl1bIgHhhQphpQCJ%2FtKjH%2BMKCpHvP7eIo0PVDG8lmyTg5QJZiGQUl26x7wSJNueA%2BM7ZLFm%2FjqZXjvGnkqQXO07g1RTYc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 6d7eb412394decee-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	lt.iframe.html tags.crwdcntrl.net/lt/shared/2/ Frame 99A9	2 KB 1 KB	19ms 18ms	Document text/html	99.84.42.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-126.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers content-type text/html date Thu, 03 Feb 2022 13:10:20 GMT last-modified Mon, 01 Feb 2021 20:35:17 GMT etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" x-amz-server-side-encryption AES256 cache-control max-age: 86400 server AmazonS3 content-encoding gzip vary Accept-Encoding x-cache Hit from cloudfront via 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C4 x-amz-cf-id paxmIDCGt_qSadWEqplKu4YJ0MZ4c4Gwee4MXSrHc38lYZ2Hff8UHw== age 29409
GET H2	200	pixels bcp.crwdcntrl.net/ Frame 1DEF	4 KB 4 KB	70ms 69ms	Document text/html	18.206.84.102 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-206-84-102.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://tags.crwdcntrl.net/ Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-type text/html content-length 3773 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.40.33.21 server Jetty(9.4.38.v20210224)
GET H2	200	tpid=7EC7B419-C7A3-4B1E-B5C4-3DEAE31ACCCF sync.crwdcntrl.net/map/c=240/tp=PUBM/ Frame 1DEF Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID&rdf=1 https://sync.crwdcntrl.net/map/c=240/tp=PUBM/tpid=7EC7B419-C7A3-4B1E-B5C4-3DEAE31ACCCF	49 B 265 B	33ms 33ms	Image image/gif	52.200.255.88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=240/tp=PUBM/tpid=7EC7B419-C7A3-4B1E-B5C4-3DEAE31ACCCF Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.200.255.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-255-88.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.36.196 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=240/tp=PUBM/tpid=7EC7B419-C7A3-4B1E-B5C4-3DEAE31ACCCF date Thu, 03 Feb 2022 21:20:27 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	gdpr_consent= sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=708c8f92-7272-4d9c-a7fd-5b8632bba254/gdpr=0/ Frame 1DEF Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=708c8f92-7272-4d9c-a7fd-5b8632bba254/gdpr=0/gdpr_consent=	49 B 266 B	97ms 38ms	Image image/gif	52.200.255.88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=708c8f92-7272-4d9c-a7fd-5b8632bba254/gdpr=0/gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.200.255.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-255-88.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.47.231 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=708c8f92-7272-4d9c-a7fd-5b8632bba254/gdpr=0/gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 249
GET		ltm audex.userreport.com/sync/put/ Frame 1DEF	0 0
GET H2	200	tpid=65c00617-6494-4c7e-8660-daf141147a6b sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 1DEF Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=4cf6db6f370aa3ba7909006577e33a77&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D65c00617-6494-4c7e-8660-daf141147a6b%252Chttps%253A... https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6250854833990502849&pt=65c00617-6494-4c7e-8660-daf141147a6b%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=65c00617-6494-4c7e-8660-daf141147a6b	49 B 265 B	27ms 27ms	Image image/gif	52.200.255.88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=65c00617-6494-4c7e-8660-daf141147a6b Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.200.255.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-255-88.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.36.146 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=65c00617-6494-4c7e-8660-daf141147a6b date Thu, 03 Feb 2022 21:20:28 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET		getuid ads.avct.cloud/ Frame 1DEF Redirect Chain https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D	0 0
GET H2	200	tpid=1ecdf1e5-e05e-6e42-68a9-c966d0257581 bcp.crwdcntrl.net/map/c=10098/tp=SRVT/ Frame 1DEF Redirect Chain https://px.surveywall-api.survata.com/t https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=1ecdf1e5-e05e-6e42-68a9-c966d0257581	49 B 264 B	30ms 28ms	Image image/gif	18.206.84.102 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=1ecdf1e5-e05e-6e42-68a9-c966d0257581 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-206-84-102.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.11.62 content-type image/gif content-length 49 expires 0 Redirect headers Date Thu, 03 Feb 2022 21:20:28 GMT ETag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" Server nginx/1.19.2 X-Powered-By Express Content-Type image/gif; charset=utf-8 Location https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=1ecdf1e5-e05e-6e42-68a9-c966d0257581 Referer px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com Connection keep-alive Content-Length 0
GET		ibs:dpid=121998&dpuuid=4cf6db6f370aa3ba7909006577e33a77&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D dpm.demdex.net/ Frame 1DEF	0 0
GET		identity c.cintnetworks.com/ Frame 1DEF	0 0
GET		sync sync.tag.clrstm.com/lotame/ Frame 1DEF	0 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 1DEF	0 337 B	24ms 24ms	Image text/plain	44.196.16.107 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=4cf6db6f370aa3ba7909006577e33a77 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.16.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-16-107.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:28 GMT cache-control private, no-cache, no-store x-request-time D=29 t=1643923228 x-served-by beacon-n025-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET		image.sbxx global.ib-ibi.com/ Frame 1DEF	0 0
GET		g.pixel aa.agkn.com/adscores/ Frame 1DEF	0 0
GET H/1.1	200 OK	utsync.ashx ml314.com/ Frame 1DEF	43 B 517 B	25ms 24ms	Image image/gif	34.233.103.61 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=50146&et=0&fp=4cf6db6f370aa3ba7909006577e33a77&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-103-61.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Feb 2022 21:20:28 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Fri, 04 Feb 2022 16:20:28 GMT
GET		sync sync.srv.stackadapt.com/ Frame 1DEF	0 0
GET		bridge cm.adgrx.com/ Frame 1DEF	0 0
GET		img sync.mathtag.com/sync/ Frame 1DEF	0 0
GET		usersync pixel-sync.sitescout.com/connectors/lotame/ Frame 1DEF	0 0
GET		bsTd8NdE sync-tm.everesttech.net/upi/pid/ Frame 1DEF	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 1DEF	170 B 188 B	40ms 39ms	Image image/png	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C61%2C54%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 03 Feb 2022 21:20:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		5907 tags.bluekai.com/site/ Frame 1DEF	0 0
GET		g.json aa.agkn.com/adscores/ Frame 1DEF	0 0
GET		tpid=$!%7BTURN_UUID%7D d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/4cf6db6f370aa3ba7909006577e33a77/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 1DEF	0 0
GET		getuid secure.adnxs.com/ Frame 1DEF	0 0
POST		a.gif t.sharethis.com/d/ Frame ADC4	0 0
GET H3	200	css fonts.googleapis.com/	2 KB 525 B	65ms 36ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 03 Feb 2022 21:20:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 03 Feb 2022 21:20:28 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 03 Feb 2022 21:20:28 GMT
GET H3	200	icon-cross.svg tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/	316 B 877 B	419ms 391ms	Image image/svg+xml	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-cross.svg Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3c1977f089e4d0203a71c28178bd1b9f019a97690df9687984f7fc4e57c511b Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:29 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag W/"6194ed32-13c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxuOwRBqtS8XG4hxCEzOuSSAZ%2F3XdtkBnzB%2FGSc4f56eXlqihtBbH88o1JOvXuAIjvG3VvL%2FgAE3W%2BMJ%2FYcLu6wmvhT%2FsS%2FkV%2B2elyix9b%2BPKfnR1KUZZ0PmzJv%2BRd3DeEpCjzGjUW6SYBwhSrDlgGU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6d7eb413bc654bd0-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3	200	icon-chevron-right.svg tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/	240 B 854 B	383ms 361ms	Image image/svg+xml	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-chevron-right.svg Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d77d6c825244bbd244c8184f51b1f8b91064c1c2fa30d5883fcc2457f93d3a5f Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:29 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag W/"6194ed32-f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk76GigmXyXqw0g%2F0%2FYGd2oFwO7YlmX2hwIxgWzGCoBZ46hyLWvDrPWjmLxdPWMxdxMrEP72pF9XIfM%2B4vWj9JN1g1skH%2BL8vjrOBXXezmEU75IBD14kSZzriQJ4Qu3L0Mjc7p3iBLh6ix%2BxgHLwHg4%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6d7eb413bc674bd0-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	83ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://tenderchicksfx.com/ Origin https://tenderchicksfx.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1643923228.dop079.dc2.t,1643923228.cds095.dc2.hn,1643923228.cds164.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H2	200	jquery.background-video.min.js Show response cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/	3 KB 2 KB	86ms 37ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 011aefbda7751bf283a0a16c869bb14d49d2ecfa767ae161c6db3a1eda0336e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 8728248 x-jsd-version 1.1.0 x-cache HIT, MISS cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19136-FRA, cache-yyz4535-YYZ timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"c2c-rk12AHoQRv8E9UcxhQwjPVHVc68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6d7eb413ec874bca-YUL
GET H3	200	p.js Show response tenderchicksfx.com/	406 B 1 KB	258ms 235ms	Script application/javascript	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tenderchicksfx.com/p.js?a=1080289&cr=53153&lid=16320&mh=clhVanNsZEFSdGVlUW1UZG9CaWxaUnp4VlZCcnhReWNQQUtIb20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=stormy Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e8f4b5aa2fe6d8d49a99e409de4a8bd5893552db1f4f1e2cf3da6e538b114a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none cross-origin-window-policy deny alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGKt94gt2VkZm28EJgfxyZLUxU14NPk10pmh0Q7IQ6QGqxIN0gTf7LSAl21Tg01uGKvGacQVL1HtXjOSvgkLkXs3oxbk1qRWuuJYq%2F7rJBC%2Boss7b3VbHLFxeq4Dc99mtlaX%2BsjV%2F4FXP1Cw9Lpl6bI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=0, private, must-revalidate cf-ray 6d7eb413bc694bd0-YUL
GET H3	200	f.js Show response tenderchicksfx.com/lstatic/	2 KB 2 KB	56ms 35ms	Script application/javascript	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tenderchicksfx.com/lstatic/f.js Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 963a44fa6cbb7486c60762c3ee87598cebac50d93ffc8bcda9ac4b946637138b Request headers Accept-Language en-CA,en;q=0.9 Referer https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 21:20:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5378 access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 18 Nov 2021 15:35:31 GMT server cloudflare etag W/"619672c3-6ca" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6vmjaF0AZ8hdKGERbHOCHcL9ode53XxntV7ie%2FQ2%2FhH5aTgPd6AK214pXt5dLuvF%2BccBMYBseK3oh5AELmQxxBEjnRDdK8XntXvZRL2qJi8S3uBTjmQfmJIpsn3K6trEUUwsCftVLVlr%2BqaRDfUbBI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6d7eb413bc634bd0-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3	206	1.mp4 tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/	974 KB 975 KB	608ms 593ms	Media video/mp4	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/1.mp4 Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b3b62fbea6a0f85a16904129c448a32bac1b84f6d63987fb12a4bec2bc91e97 Request headers Referer https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=stormy Accept-Encoding identity;q=1, *;q=0 Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers date Thu, 03 Feb 2022 21:20:29 GMT access-control-allow-methods GET, POST, OPTIONS cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Range bytes 0-997796/997797 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 997797 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag "6194ed32-f39a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G7pzMyEp84uEEKFJryE03tA6VmnSv5lhGYmiqoL0m7JDjs%2BPlq%2FDgAunMT6NwnAe4%2FrylltWOGpLZktNjt53yYiFNJrXnkyQbaZ%2B2PKEAX1TDoy5L0xO93H%2BdWXjSEvY0Nb5%2BPPQkU6DMsRLBxqgH4%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6d7eb413bc5f4bd0-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v23/	12 KB 12 KB	48ms 21ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://tenderchicksfx.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 03 Feb 2022 02:10:40 GMT x-content-type-options nosniff age 68988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12648 x-xss-protection 0 last-modified Thu, 03 Feb 2022 00:11:58 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 03 Feb 2023 02:10:40 GMT
POST H3	200	featrepl Show response tenderchicksfx.com/	2 B 569 B	120ms 119ms	XHR text/plain	2606:4700:3031::6815:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tenderchicksfx.com/featrepl?a=1080289&cr=53153&lid=16320&mh=clhVanNsZEFSdGVlUW1UZG9CaWxaUnp4VlZCcnhReWNQQUtIb20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=stormy Requested by Host: tenderchicksfx.com URL: https://tenderchicksfx.com/lstatic/f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://tenderchicksfx.com/?a=1080289&cr=53153&lid=16320&mh=clhVanNsZEFSdGVlUW1UZG9CaWxaUnp4VlZCcnhReWNQQUtIb20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=stormy Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 03 Feb 2022 21:20:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgniJcudXj43raK6xuioMpdlwbOlhWGg9cADfLRFRmdLN%2BqSeDaexyA1RneyscvHYGcfgovoeasNuHRTynqMvU5U17%2FvyT8FxfmKuajwt5c8VrG%2BdX3HbJKjX6AOMso81oHqxbcupo4xXaRGCGuDJPU%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 6d7eb4153f664bd0-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

audex.userreport.com

URL

https://audex.userreport.com/sync/put/ltm?ltmid=4cf6db6f370aa3ba7909006577e33a77

Domain

ads.avct.cloud

URL

https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D

Domain

dpm.demdex.net

URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4cf6db6f370aa3ba7909006577e33a77&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D

Domain

c.cintnetworks.com

URL

https://c.cintnetworks.com/identity?a=5461&id=Lotame:4cf6db6f370aa3ba7909006577e33a77

Domain

sync.tag.clrstm.com

URL

https://sync.tag.clrstm.com/lotame/sync?uid=4cf6db6f370aa3ba7909006577e33a77

Domain

global.ib-ibi.com

URL

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=4cf6db6f370aa3ba7909006577e33a77

Domain

aa.agkn.com

URL

https://aa.agkn.com/adscores/g.pixel?sid=9202276048

Domain

sync.srv.stackadapt.com

URL

https://sync.srv.stackadapt.com/sync?nid=lotame

Domain

cm.adgrx.com

URL

https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__

Domain

sync.mathtag.com

URL

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D

Domain

pixel-sync.sitescout.com

URL

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID

Domain

sync-tm.everesttech.net

URL

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D

Domain

tags.bluekai.com

URL

https://tags.bluekai.com/site/5907?limit=0&id=813ceb84e42ca460d59255a01b537f98

Domain

aa.agkn.com

URL

https://aa.agkn.com/adscores/g.json?sid=9202507693

Domain

d.turn.com

URL

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/4cf6db6f370aa3ba7909006577e33a77/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D

Domain

secure.adnxs.com

URL

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=680472231%2Ftpid%3D%24UID%2Ftp%3DANXS

Domain

t.sharethis.com

URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGIABWH8RxsAAAAJRfCAAw%253D%253D&tt=t.dhj&dhjLcy=1643923227456&lbl=pxcel&flbl=pxcel&ll=d&ver=1.838.22866&ell=d&cck=__stid&dmn=loveme.uno&pn=%2Fstormy%2F&qs=na&rdn=loveme.uno&rpn=%2Fstormy%2F&rqs=na&cc=CA&cont=NA&evid=hOcdB7XAka2ATUxC3RHa&urls=!1!296!b-13j,!1!316!b-13h,!1!0!b-14t,!1!281!b-150,!1!305!b-16f&rnd=1643923228703&cid=c010&version=1.838.22866&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=34&sndBcn=1